X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=rt%2Fetc%2FRT_Config.pm.in;h=5edb54c26bc6dc8a085c6d5283e7480577671a3f;hb=a72a10f754f7465121d6137bb3dcee0a21ea6443;hp=73639c103eb5d34833ea466bcf76c1f473dadcb0;hpb=624b2d44625f69d71175c3348cae635d580c890b;p=freeside.git diff --git a/rt/etc/RT_Config.pm.in b/rt/etc/RT_Config.pm.in index 73639c103..5edb54c26 100644 --- a/rt/etc/RT_Config.pm.in +++ b/rt/etc/RT_Config.pm.in @@ -1,338 +1,470 @@ +# +# RT was configured with: +# +# $ @CONFIGURE_INCANT@ +# package RT; +############################# WARNING ############################# +# # +# NEVER EDIT RT_Config.pm ! # +# # +# Instead, copy any sections you want to change to # +# RT_SiteConfig.pm and edit them there. Otherwise, # +# your changes will be lost when you upgrade RT. # +# # +############################# WARNING ############################# + =head1 NAME RT::Config -=for testing +=head1 Base configuration + +=over 4 + +=item C<$rtname> + +C<$rtname> is the string that RT will look for in mail messages to +figure out what ticket a new piece of mail belongs to. -use RT::Config; +Your domain name is recommended, so as not to pollute the namespace. +Once you start using a given tag, you should probably never change it; +otherwise, mail for existing tickets won't get put in the right place. =cut -=head1 WARNING +Set($rtname, "example.com"); -NEVER EDIT RT_Config.pm. +=item C<$Organization> -Instead, copy any sections you want to change to F and edit them there. +You should set this to your organization's DNS domain. For example, +I or I. It is used by the linking +interface to guarantee that ticket URIs are unique and easy to +construct. Changing it after you have created tickets in the system +will B all existing ticket links! =cut -=head1 Base Configuration - -=over 4 +Set($Organization, "example.com"); -=item C<$rtname> +=item C<$CorrespondAddress>, C<$CommentAddress> -C<$rtname> is the string that RT will look for in mail messages to -figure out what ticket a new piece of mail belongs to. +RT is designed such that any mail which already has a ticket-id +associated with it will get to the right place automatically. -Your domain name is recommended, so as not to pollute the namespace. -once you start using a given tag, you should probably never change it. -(otherwise, mail for existing tickets won't get put in the right place) +C<$CorrespondAddress> and C<$CommentAddress> are the default addresses +that will be listed in From: and Reply-To: headers of correspondence +and comment mail tracked by RT, unless overridden by a queue-specific +address. They should be set to email addresses which have been +configured as aliases for F. =cut -Set($rtname , "example.com"); +Set($CorrespondAddress, ''); +Set($CommentAddress, ''); -=item C<$EmailSubjectTagRegex> +=item C<$WebDomain> -This regexp controls what subject tags RT recognizes as its own. -If you're not dealing with historical C<$rtname> values, you'll likely -never have to enable this feature. +Domain name of the RT server, e.g. 'www.example.com'. It should not +contain anything except the server name. -Be VERY CAREFUL with it. Note that it overrides C<$rtname> for subject -token matching and that you should use only "non-capturing" parenthesis -grouping. For example: +=cut -C +Set($WebDomain, "localhost"); -and NOT +=item C<$WebPort> -C +If we're running as a superuser, run on port 80. Otherwise, pick a +high port for this user. -This setting would make RT behave exactly as it does without the -setting enabled. +443 is default port for https protocol. =cut -#Set($EmailSubjectTagRegex, qr/\Q$rtname\E/i ); +Set($WebPort, 80); +=item C<$WebPath> +If you're putting the web UI somewhere other than at the root of your +server, you should set C<$WebPath> to the path you'll be serving RT +at. -=item C<$Organization> +C<$WebPath> requires a leading / but no trailing /, or it can be +blank. -You should set this to your organization's DNS domain. For example, -I or I. It's used by the linking interface to -guarantee that ticket URIs are unique and easy to construct. +In most cases, you should leave C<$WebPath> set to "" (an empty +value). =cut -Set($Organization , "example.com"); +Set($WebPath, ""); -=item C<$MinimumPasswordLength> +=item C<$Timezone> -C<$MinimumPasswordLength> defines the minimum length for user -passwords. Setting it to 0 disables this check. +C<$Timezone> is the default timezone, used to convert times entered by +users into GMT, as they are stored in the database, and back again; +users can override this. It should be set to a timezone recognized by +your server. =cut -Set($MinimumPasswordLength , "5"); +Set($Timezone, "US/Eastern"); -=item C<$Timezone> +=item C<@Plugins> -C<$Timezone> is used to convert times entered by users into GMT and back again -It should be set to a timezone recognized by your local unix box. +Set C<@Plugins> to a list of external RT plugins that should be +enabled (those plugins have to be previously downloaded and +installed). + +Example: + +C =cut -Set($Timezone , 'US/Eastern'); +Set(@Plugins, (qw(RTx::Calendar + RT::Extension::MobileUI))); #RTx::Checklist )); =back -=head1 Database Configuration + + + +=head1 Database connection =over 4 =item C<$DatabaseType> -Database driver being used; case matters. - -Valid types are "mysql", "Oracle" and "Pg" +Database driver being used; case matters. Valid types are "mysql", +"Oracle" and "Pg". =cut -Set($DatabaseType , '@DB_TYPE@'); +Set($DatabaseType, "@DB_TYPE@"); =item C<$DatabaseHost>, C<$DatabaseRTHost> -The domain name of your database server. +The domain name of your database server. If you're running MySQL and +on localhost, leave it blank for enhanced performance. -If you're running mysql and it's on localhost, -leave it blank for enhanced performance +C is the fully-qualified hostname of your RT server, +for use in granting ACL rights on MySQL. =cut -Set($DatabaseHost , '@DB_HOST@'); -Set($DatabaseRTHost , '@DB_RT_HOST@'); +Set($DatabaseHost, "@DB_HOST@"); +Set($DatabaseRTHost, "@DB_RT_HOST@"); =item C<$DatabasePort> The port that your database server is running on. Ignored unless it's -a positive integer. It's usually safe to leave this blank +a positive integer. It's usually safe to leave this blank; RT will +choose the correct default. =cut -Set($DatabasePort , '@DB_PORT@'); +Set($DatabasePort, "@DB_PORT@"); =item C<$DatabaseUser> -The name of the database user (inside the database) +The name of the user to connect to the database as. =cut -Set($DatabaseUser , '@DB_RT_USER@'); +Set($DatabaseUser, "@DB_RT_USER@"); =item C<$DatabasePassword> -Password the C<$DatabaseUser> should use to access the database +The password the C<$DatabaseUser> should use to access the database. =cut -Set($DatabasePassword , '@DB_RT_PASS@'); +Set($DatabasePassword, q{@DB_RT_PASS@}); =item C<$DatabaseName> -The name of the RT's database on your database server. For Oracle -it's SID, DB objects are created in L<$DatabaseUser>'s schema. +The name of the RT database on your database server. For Oracle, the +SID and database objects are created in C<$DatabaseUser>'s schema. =cut -Set($DatabaseName , '@DB_DATABASE@'); +Set($DatabaseName, q{@DB_DATABASE@}); =item C<$DatabaseRequireSSL> -If you're using Postgres and have compiled in SSL support, -set C<$DatabaseRequireSSL> to 1 to turn on SSL communication +If you're using PostgreSQL and have compiled in SSL support, set +C<$DatabaseRequireSSL> to 1 to turn on SSL communication with the +database. =cut -Set($DatabaseRequireSSL , undef); +Set($DatabaseRequireSSL, undef); -=item C<$UseSQLForACLChecks> +=back + + + + +=head1 Logging + +The default is to log anything except debugging information to syslog. +Check the L POD for information about how to get things +by syslog, mail or anything else, get debugging info in the log, etc. + +It might generally make sense to send error and higher by email to +some administrator. If you do this, be careful that this email isn't +sent to this RT instance. Mail loops will generate a critical log +message. -In RT for ages ACL are checked after search what in some situtations -result in empty search pages and wrong count of tickets. +=over 4 + +=item C<$LogToSyslog>, C<$LogToScreen> + +The minimum level error that will be logged to the specific device. +From lowest to highest priority, the levels are: -Set C<$UseSQLForACLChecks> to 1 to use SQL and get rid of these problems. + debug info notice warning error critical alert emergency -However, this option is beta. In some cases it result in performance -improvements, but some setups can not handle it. +Many syslogds are configured to discard or file debug messages away, so +if you're attempting to debug RT you may need to reconfigure your +syslogd or use one of the other logging options. + +Logging to your screen affects scripts run from the command line as well +as the STDERR sent to your webserver (so these logs will usually show up +in your web server's error logs). =cut -Set($UseSQLForACLChecks, undef); +Set($LogToSyslog, "info"); +Set($LogToScreen, "info"); + +=item C<$LogToFile>, C<$LogDir>, C<$LogToFileNamed> + +Logging to a standalone file is also possible. The file needs to both +exist and be writable by all direct users of the RT API. This generally +includes the web server and whoever rt-crontool runs as. Note that +rt-mailgate and the RT CLI go through the webserver, so their users do +not need to have write permissions to this file. If you expect to have +multiple users of the direct API, Best Practical recommends using syslog +instead of direct file logging. + +You should set C<$LogToFile> to one of the levels documented above. + +=cut + +Set($LogToFile, undef); +Set($LogDir, q{@RT_LOG_PATH@}); +Set($LogToFileNamed, "rt.log"); #log to rt.log + +=item C<$LogStackTraces> + +If set to a log level then logging will include stack traces for +messages with level equal to or greater than specified. + +NOTICE: Stack traces include parameters supplied to functions or +methods. It is possible for stack trace logging to reveal sensitive +information such as passwords or ticket content in your logs. + +=cut + +Set($LogStackTraces, ""); + +=item C<@LogToSyslogConf> + +On Solaris or UnixWare, set to ( socket => 'inet' ). Options here +override any other options RT passes to L. +Other interesting flags include facility and logopt. (See the +L documentation for more information.) (Maybe +ident too, if you have multiple RT installations.) + +=cut + +Set(@LogToSyslogConf, ()); =back -=head1 Incoming Mail Gateway Configuration + + +=head1 Incoming mail gateway =over 4 +=item C<$EmailSubjectTagRegex> + +This regexp controls what subject tags RT recognizes as its own. If +you're not dealing with historical C<$rtname> values, you'll likely +never have to change this configuration. + +Be B with it. Note that it overrides C<$rtname> for +subject token matching and that you should use only "non-capturing" +parenthesis grouping. For example: + +C + +and NOT + +C + +The setting below would make RT behave exactly as it does without the +setting enabled. + +=cut + +# Set($EmailSubjectTagRegex, qr/\Q$rtname\E/i ); + =item C<$OwnerEmail> C<$OwnerEmail> is the address of a human who manages RT. RT will send errors generated by the mail gateway to this address. This address -should _not_ be an address that's managed by your RT instance. +should I be an address that's managed by your RT instance. =cut -Set($OwnerEmail , 'root'); +Set($OwnerEmail, 'root'); =item C<$LoopsToRTOwner> If C<$LoopsToRTOwner> is defined, RT will send mail that it believes -might be a loop to C<$OwnerEmail> +might be a loop to C<$OwnerEmail>. =cut -Set($LoopsToRTOwner , 1); +Set($LoopsToRTOwner, 1); =item C<$StoreLoops> If C<$StoreLoops> is defined, RT will record messages that it believes -to be part of mail loops. - -As it does this, it will try to be careful not to send mail to the -sender of these messages +to be part of mail loops. As it does this, it will try to be careful +not to send mail to the sender of these messages. =cut -Set($StoreLoops , undef); +Set($StoreLoops, undef); =item C<$MaxAttachmentSize> -C<$MaxAttachmentSize> sets the maximum size (in bytes) of attachments stored -in the database. - -For mysql and oracle, we set this size at 10 megabytes. -If you're running a postgres version earlier than 7.1, you will need -to drop this to 8192. (8k) +C<$MaxAttachmentSize> sets the maximum size (in bytes) of attachments +stored in the database. This setting is irrelevant unless one of +$TruncateLongAttachments or $DropLongAttachments (below) are set. =cut - -Set($MaxAttachmentSize , 10000000); +Set($MaxAttachmentSize, 10_000_000); =item C<$TruncateLongAttachments> -C<$TruncateLongAttachments>: if this is set to a non-undef value, -RT will truncate attachments longer than C<$MaxAttachmentSize>. +If this is set to a non-undef value, RT will truncate attachments +longer than C<$MaxAttachmentSize>. =cut -Set($TruncateLongAttachments , undef); +Set($TruncateLongAttachments, undef); =item C<$DropLongAttachments> -C<$DropLongAttachments>: if this is set to a non-undef value, -RT will silently drop attachments longer than C. +If this is set to a non-undef value, RT will silently drop attachments +longer than C. C<$TruncateLongAttachments>, above, +takes priority over this. =cut -Set($DropLongAttachments , undef); +Set($DropLongAttachments, undef); -=item C<$ParseNewMessageForTicketCcs> +=item C<$RTAddressRegexp> -If C<$ParseNewMessageForTicketCcs> is true, RT will attempt to divine -Ticket 'Cc' watchers from the To and Cc lines of incoming messages -Be forewarned that if you have _any_ addresses which forward mail to -RT automatically and you enable this option without modifying -C<$RTAddressRegexp> below, you will get yourself into a heap of trouble. +C<$RTAddressRegexp> is used to make sure RT doesn't add itself as a +ticket CC if C<$ParseNewMessageForTicketCcs>, above, is enabled. It +is important that you set this to a regular expression that matches +all addresses used by your RT. This lets RT avoid sending mail to +itself. It will also hide RT addresses from the list of "One-time Cc" +and Bcc lists on ticket reply. + +If you have a number of addresses configured in your RT database +already, you can generate a naive first pass regexp by using: + + perl etc/upgrade/generate-rtaddressregexp + +If left blank, RT will generate a regexp for you, based on your +comment and correspond address settings on your queues; this comes at +a small cost in start-up speed. =cut -Set($ParseNewMessageForTicketCcs , undef); +Set($RTAddressRegexp, undef); -=item C<$RTAddressRegexp> +=item C<$IgnoreCcRegexp> -C<$RTAddressRegexp> is used to make sure RT doesn't add itself as a ticket CC if -the setting above is enabled. It is important that you set this to a -regular expression that matches all addresses used by your RT. This lets RT -avoid sending mail to itself. It will also hide RT addresses from the list of -"One-time Cc" and Bcc lists on ticket reply. +C<$IgnoreCcRegexp> is a regexp to exclude addresses from automatic addition +to the Cc list. Use this for addresses that are I received by RT but +are sometimes added to Cc lists by mistake. Unlike C<$RTAddressRegexp>, +these addresses can still receive email from RT otherwise. =cut -Set($RTAddressRegexp , '^rt\@example.com$'); +Set($IgnoreCcRegexp, undef); =item C<$CanonicalizeEmailAddressMatch>, C<$CanonicalizeEmailAddressReplace> -RT provides functionality which allows the system to rewrite -incoming email addresses. In its simplest form, -you can substitute the value in $ -for the value in $ -(These values are passed to the $ subroutine in - F) +RT provides functionality which allows the system to rewrite incoming +email addresses. In its simplest form, you can substitute the value +in C for the value in +C (These values are passed to the +C subroutine in F) -By default, that routine performs a C on any address -passed to it. +By default, that routine performs a C on any +address passed to it. =cut -#Set($CanonicalizeEmailAddressMatch , '@subdomain\.example\.com$'); -#Set($CanonicalizeEmailAddressReplace , '@example.com'); +# Set($CanonicalizeEmailAddressMatch, '@subdomain\.example\.com$'); +# Set($CanonicalizeEmailAddressReplace, '@example.com'); -=item C<$CanonicalizeEmailAddressMatch> +=item C<$CanonicalizeOnCreate> -Set this to true and the create new user page will use the values that you -enter in the form but use the function CanonicalizeUserInfo in +Set this to 1 and the create new user page will use the values that +you enter in the form but use the function CanonicalizeUserInfo in F =cut Set($CanonicalizeOnCreate, 0); -=item C<$SenderMustExistInExternalDatabase> - -If C<$SenderMustExistInExternalDatabase> is true, RT will refuse to -create non-privileged accounts for unknown users if you are using -the C<$LookupSenderInExternalDatabase> option. -Instead, an error message will be mailed and RT will forward the -message to C<$RTOwner>. - -If you are not using C<$LookupSenderInExternalDatabase>, this option -has no effect. +=item C<$ValidateUserEmailAddresses> -If you define an AutoRejectRequest template, RT will use this -template for the rejection message. +If C<$ValidateUserEmailAddresses> is 1, RT will refuse to create +users with an invalid email address (as specified in RFC 2822) or with +an email address made of multiple email addresses. =cut -Set($SenderMustExistInExternalDatabase , undef); +Set($ValidateUserEmailAddresses, undef); -=item C<$ValidateUserEmailAddresses> +=item C<$NonCustomerEmailRegexp> -If C<$ValidateUserEmailAddresses> is true, RT will refuse to create users with -an invalid email address (as specified in RFC 2822) or with an email address -made of multiple email adresses. +Normally, when a ticket is linked to a customer, any requestors on that +ticket that didn't previously have customer memberships are linked to +the customer also. C<$NonCustomerEmailRegexp> is a regexp for email +addresses that should I automatically be linked to a customer in +this way. =cut -Set($ValidateUserEmailAddresses, undef); +Set($NonCustomerEmailRegexp, undef); =item C<@MailPlugins> -C<@MailPlugins> is a list of auth plugins for L -to use; see L +C<@MailPlugins> is a list of authentication plugins for +L to use; see L =cut =item C<$UnsafeEmailCommands> -C<$UnsafeEmailCommands>, if set to true, enables 'take' and 'resolve' +C<$UnsafeEmailCommands>, if set to 1, enables 'take' and 'resolve' as possible actions via the mail gateway. As its name implies, this is very unsafe, as it allows email with a forged sender to possibly resolve arbitrary tickets! @@ -342,8 +474,8 @@ resolve arbitrary tickets! =item C<$ExtractSubjectTagMatch>, C<$ExtractSubjectTagNoMatch> The default "extract remote tracking tags" scrip settings; these -detect when your RT is talking to another RT, and adjusts the -subject accordingly. +detect when your RT is talking to another RT, and adjust the subject +accordingly. =cut @@ -354,7 +486,9 @@ Set($ExtractSubjectTagNoMatch, ( ${RT::EmailSubjectTagRegex} =back -=head1 Outgoing Mail Configuration + + +=head1 Outgoing mail =over 4 @@ -365,20 +499,26 @@ We know that 'sendmailpipe' works fairly well. If 'sendmailpipe' doesn't work well for you, try 'sendmail'. Other options are 'smtp' or 'qmail'. -Note that you should remove the '-t' from C<$SendmailArguments> -if you use 'sendmail' rather than 'sendmailpipe' +Note that you should remove the '-t' from C<$SendmailArguments> if you +use 'sendmail' rather than 'sendmailpipe' + +For testing purposes, or to simply disable sending mail out into the +world, you can set C<$MailCommand> to 'testfile' which writes all mail +to a temporary file. RT will log the location of the temporary file +so you can extract mail from it afterward. =cut -Set($MailCommand , 'sendmailpipe'); +#Set($MailCommand, "sendmailpipe"); +Set($MailCommand, "sendmail"); =item C<$SetOutgoingMailFrom> -C<$SetOutgoingMailFrom> tells RT to set the sender envelope with the correspond -mail address of the ticket's queue. +C<$SetOutgoingMailFrom> tells RT to set the sender envelope to the +Correspond mail address of the ticket's queue. -Warning: If you use this setting, bounced mails will appear to be incoming -mail to the system, thus creating new tickets. +Warning: If you use this setting, bounced mails will appear to be +incoming mail to the system, thus creating new tickets. =cut @@ -387,11 +527,15 @@ Set($SetOutgoingMailFrom, 0); =item C<$OverrideOutgoingMailFrom> C<$OverrideOutgoingMailFrom> is used for overwriting the Correspond -address of the queue. The option is a hash reference of queue name to -email address. +address of the queue as it is handed to sendmail -f. This helps force +the From_ header away from www-data or other email addresses that show +up in the "Sent by" line in Outlook. + +The option is a hash reference of queue name to email address. If +there is no ticket involved, then the value of the C key will +be used. -If there is no ticket involved, then the value of the C key will be -used. +This option is irrelevant unless C<$SetOutgoingMailFrom> is set. =cut @@ -400,602 +544,1313 @@ Set($OverrideOutgoingMailFrom, { # 'General' => 'general@rt.example.com', }); -=back +=item C<$DefaultMailPrecedence> -=head1 Sendmail Configuration +C<$DefaultMailPrecedence> is used to control the default Precedence +level of outgoing mail where none is specified. By default it is +C, but if you only send mail to your staff, you may wish to +change it. -These options only take effect if C<$MailCommand> is 'sendmail' or -'sendmailpipe' +Note that you can set the precedence of individual templates by +including an explicit Precedence header. -=over 4 +If you set this value to C then we do not set a default +Precedence header to outgoing mail. However, if there already is a +Precedence header, it will be preserved. -=item C<$SendmailArguments> +=cut -C<$SendmailArguments> defines what flags to pass to C<$SendmailPath> -If you picked 'sendmailpipe', you MUST add a -t flag to C<$SendmailArguments> -These options are good for most sendmail wrappers and workalikes +Set($DefaultMailPrecedence, "bulk"); -These arguments are good for sendmail brand sendmail 8 and newer -C +=item C<$DefaultErrorMailPrecedence> -=cut +C<$DefaultErrorMailPrecedence> is used to control the default +Precedence level of outgoing mail that indicates some kind of error +condition. By default it is C, but if you only send mail to your +staff, you may wish to change it. -Set($SendmailArguments , "-oi -t"); +If you set this value to C then we do not add a Precedence +header to error mail. +=cut -=item C<$SendmailBounceArguments> +Set($DefaultErrorMailPrecedence, "bulk"); -C<$SendmailBounceArguments> defines what flags to pass to C<$Sendmail> -assuming RT needs to send an error (ie. bounce). +=item C<$UseOriginatorHeader> + +C<$UseOriginatorHeader> is used to control the insertion of an +RT-Originator Header in every outgoing mail, containing the mail +address of the transaction creator. =cut -Set($SendmailBounceArguments , '-f "<>"'); +Set($UseOriginatorHeader, 1); -=item C<$SendmailPath> +=item C<$UseFriendlyFromLine> -If you selected 'sendmailpipe' above, you MUST specify the path to -your sendmail binary in C<$SendmailPath>. +By default, RT sets the outgoing mail's "From:" header to "SenderName +via RT". Setting C<$UseFriendlyFromLine> to 0 disables it. =cut -Set($SendmailPath , "/usr/sbin/sendmail"); +Set($UseFriendlyFromLine, 1); +=item C<$FriendlyFromLineFormat> -=back +C format of the friendly 'From:' header; its arguments are +SenderName and SenderEmailAddress. -=head1 SMTP Configuration +=cut -These options only take effect if C<$MailCommand> is 'smtp' +Set($FriendlyFromLineFormat, "\"%s via RT\" <%s>"); -=over 4 +=item C<$UseFriendlyToLine> -=item C<$SMTPServer> +RT can optionally set a "Friendly" 'To:' header when sending messages +to Ccs or AdminCcs (rather than having a blank 'To:' header. -C<$SMTPServer> should be set to the hostname of the SMTP server to use +This feature DOES NOT WORK WITH SENDMAIL[tm] BRAND SENDMAIL. If you +are using sendmail, rather than postfix, qmail, exim or some other +MTA, you _must_ disable this option. =cut -Set($SMTPServer, undef); +Set($UseFriendlyToLine, 0); -=item C<$SMTPFrom> +=item C<$FriendlyToLineFormat> -C<$SMTPFrom> should be set to the 'From' address to use, if not the -email's 'From' +C format of the friendly 'To:' header; its arguments are +WatcherType and TicketId. =cut -Set($SMTPFrom, undef); +Set($FriendlyToLineFormat, "\"%s of ". RT->Config->Get('rtname') ." Ticket #%s\":;"); -=item C<$SMTPDebug> +=item C<$NotifyActor> -C<$SMTPDebug> should be set to true to debug SMTP mail sending +By default, RT doesn't notify the person who performs an update, as +they already know what they've done. If you'd like to change this +behavior, Set C<$NotifyActor> to 1 =cut -Set($SMTPDebug, 0); +Set($NotifyActor, 0); -=back +=item C<$RecordOutgoingEmail> -=head1 Other Mailer Configuration +By default, RT records each message it sends out to its own internal +database. To change this behavior, set C<$RecordOutgoingEmail> to 0 -=over 4 +If this is disabled, users' digest mail delivery preferences +(i.e. EmailFrequency) will also be ignored. -=item C<@MailParams> +=cut -C<@MailParams> defines a list of options passed to $MailCommand if it -is not 'sendmailpipe', 'sendmail', or 'smtp' +Set($RecordOutgoingEmail, 1); + +=item C<$VERPPrefix>, C<$VERPDomain> + +Setting these options enables VERP support +L. + +Uncomment the following two directives to generate envelope senders +of the form C<${VERPPrefix}${originaladdress}@${VERPDomain}> +(i.e. rt-jesse=fsck.com@rt.example.com ). + +This currently only works with sendmail and sendmailpipe. =cut -Set(@MailParams, ()); +# Set($VERPPrefix, "rt-"); +# Set($VERPDomain, $RT::Organization); -=item C<$CorrespondAddress>, C<$CommentAddress> -RT is designed such that any mail which already has a ticket-id associated -with it will get to the right place automatically. +=item C<$ForwardFromUser> -C<$CorrespondAddress> and C<$CommentAddress> are the default addresses -that will be listed in From: and Reply-To: headers of correspondence -and comment mail tracked by RT, unless overridden by a queue-specific -address. +By default, RT forwards a message using queue's address and adds RT's +tag into subject of the outgoing message, so recipients' replies go +into RT as correspondents. + +To change this behavior, set C<$ForwardFromUser> to 1 and RT +will use the address of the current user and remove RT's subject tag. =cut -Set($CorrespondAddress , ''); +Set($ForwardFromUser, 0); + +=back + +=head2 Email dashboards -Set($CommentAddress , ''); +=over 4 =item C<$DashboardAddress> -The email address from which RT will send dashboards. If none is set, then -C<$OwnerEmail> will be used. +The email address from which RT will send dashboards. If none is set, +then C<$OwnerEmail> will be used. =cut Set($DashboardAddress, ''); -=item C<$UseFriendlyFromLine> +=item C<$DashboardSubject> -By default, RT sets the outgoing mail's "From:" header to -"SenderName via RT". Setting C<$UseFriendlyFromLine> to 0 disables it. +Lets you set the subject of dashboards. Arguments are the frequency (Daily, +Weekly, Monthly) of the dashboard and the dashboard's name. =cut -Set($UseFriendlyFromLine, 1); +Set($DashboardSubject, "%s Dashboard: %s"); -=item C<$FriendlyFromLineFormat> +=item C<@EmailDashboardRemove> -C format of the friendly 'From:' header; its arguments -are SenderName and SenderEmailAddress. +A list of regular expressions that will be used to remove content from +mailed dashboards. =cut -Set($FriendlyFromLineFormat, "\"%s via RT\" <%s>"); +Set(@EmailDashboardRemove, ()); -=item C<$UseFriendlyToLine> +=back -RT can optionally set a "Friendly" 'To:' header when sending messages to -Ccs or AdminCcs (rather than having a blank 'To:' header. -This feature DOES NOT WORK WITH SENDMAIL[tm] BRAND SENDMAIL -If you are using sendmail, rather than postfix, qmail, exim or some other MTA, -you _must_ disable this option. -=cut +=head2 Sendmail configuration -Set($UseFriendlyToLine, 0); +These options only take effect if C<$MailCommand> is 'sendmail' or +'sendmailpipe' -=item C<$FriendlyToLineFormat> +=over 4 -C format of the friendly 'From:' header; its arguments -are WatcherType and TicketId. +=item C<$SendmailArguments> + +C<$SendmailArguments> defines what flags to pass to C<$SendmailPath> +If you picked 'sendmailpipe', you MUST add a -t flag to +C<$SendmailArguments> These options are good for most sendmail +wrappers and work-a-likes. + +These arguments are good for sendmail brand sendmail 8 and newer: +C =cut -Set($FriendlyToLineFormat, "\"%s of ". RT->Config->Get('rtname') ." Ticket #%s\":;"); +#Set($SendmailArguments, "-oi -t"); +Set($SendmailArguments, "-oi"); -=item C<$NotifyActor> -By default, RT doesn't notify the person who performs an update, as they -already know what they've done. If you'd like to change this behaviour, -Set C<$NotifyActor> to 1 +=item C<$SendmailBounceArguments> + +C<$SendmailBounceArguments> defines what flags to pass to C<$Sendmail> +assuming RT needs to send an error (i.e. bounce). =cut -Set($NotifyActor, 0); +Set($SendmailBounceArguments, '-f "<>"'); -=item C<$RecordOutgoingEmail> +=item C<$SendmailPath> -By default, RT records each message it sends out to its own internal database. -To change this behavior, set C<$RecordOutgoingEmail> to 0 +If you selected 'sendmailpipe' above, you MUST specify the path to +your sendmail binary in C<$SendmailPath>. =cut -Set($RecordOutgoingEmail, 1); +Set($SendmailPath, "/usr/sbin/sendmail"); + -=item C<$VERPPrefix>, C<$VERPPrefix> +=back -VERP support (http://cr.yp.to/proto/verp.txt) +=head2 SMTP configuration -uncomment the following two directives to generate envelope senders -of the form C<${VERPPrefix}${originaladdress}@${VERPDomain}> -(i.e. rt-jesse=fsck.com@rt.example.com ). +These options only take effect if C<$MailCommand> is 'smtp' -This currently only works with sendmail and sendmailppie. +=over 4 -=cut +=item C<$SMTPServer> -# Set($VERPPrefix, 'rt-'); -# Set($VERPDomain, $RT::Organization); +C<$SMTPServer> should be set to the hostname of the SMTP server to use +=cut -=item C<$ForwardFromUser> +Set($SMTPServer, undef); -By default, RT forwards a message using queue's address and adds RT's tag into -subject of the outgoing message, so recipients' replies go into RT as correspondents. +=item C<$SMTPFrom> -To change this behavior, set C<$ForwardFromUser> to true value and RT will use -address of the current user and leave subject without RT's tag. +C<$SMTPFrom> should be set to the 'From' address to use, if not the +email's 'From' =cut -Set($ForwardFromUser, 0); - -=item C<$ShowBccHeader> +Set($SMTPFrom, undef); -By default RT hides from the web UI information about blind copies user sent on -reply or comment. +=item C<$SMTPDebug> -To change this set the following option to true value. +C<$SMTPDebug> should be set to 1 to debug SMTP mail sending =cut -Set($ShowBccHeader, 0); +Set($SMTPDebug, 0); -=item C<$DashboardSubject> +=back -Lets you set the subject of dashboards. Arguments are the frequency (Daily, -Weekly, Monthly) of the dashboard and the dashboard's name. [_1] for the name -of the dashboard. +=head2 Other mailers + +=over 4 + +=item C<@MailParams> + +C<@MailParams> defines a list of options passed to $MailCommand if it +is not 'sendmailpipe', 'sendmail', or 'smtp' =cut -Set($DashboardSubject, '%s Dashboard: %s'); +Set(@MailParams, ()); =back -=head1 GnuPG Configuration -A full description of the (somewhat extensive) GnuPG integration can be found -by running the command `perldoc L` (or `perldoc - lib/RT/Crypt/GnuPG.pm` from your RT install directory). +=head1 Web interface =over 4 -=item C<%GnuPG> +=item C<$WebDefaultStylesheet> + +This determines the default stylesheet the RT web interface will use. +RT ships with several themes by default: + + web2 The default layout for RT 3.8 + aileron The default layout for RT 4.0 + ballard Theme which doesn't rely on JavaScript for menuing + +This bundled distibution of RT also includes: + freeside3 Integration with Freeside (enabled by default) + freeside2.1 Previous Freeside theme + +This value actually specifies a directory in F +from which RT will try to load the file main.css (which should @import +any other files the stylesheet needs). This allows you to easily and +cleanly create your own stylesheets to apply to RT. This option can +be overridden by users in their preferences. + +=cut + +Set($WebDefaultStylesheet, "freeside3"); + +=item C<$DefaultQueue> + +Use this to select the default queue name that will be used for +creating new tickets. You may use either the queue's name or its +ID. This only affects the queue selection boxes on the web interface. + +=cut + +# Set($DefaultQueue, "General"); + +=item C<$RememberDefaultQueue> + +When a queue is selected in the new ticket dropdown, make it the new +default for the new ticket dropdown. + +=cut + +# Set($RememberDefaultQueue, 1); + +=item C<$EnableReminders> + +Hide all links and portlets related to Reminders by setting this to 0 + +=cut + +Set($EnableReminders, 1); + +=item C<@CustomFieldValuesSources> + +Set C<@CustomFieldValuesSources> to a list of class names which extend +L. This can be used to pull lists of +custom field values from external sources at runtime. + +=cut + +Set(@CustomFieldValuesSources, ('RT::CustomFieldValues::Queues')); + +=item C<$CanonicalizeRedirectURLs> + +Set C<$CanonicalizeRedirectURLs> to 1 to use C<$WebURL> when +redirecting rather than the one we get from C<%ENV>. + +Apache's UseCanonicalName directive changes the hostname that RT +finds in C<%ENV>. You can read more about what turning it On or Off +means in the documentation for your version of Apache. + +If you use RT behind a reverse proxy, you almost certainly want to +enable this option. + +=cut + +Set($CanonicalizeRedirectURLs, 0); + +=item C<@JSFiles> + +A list of JavaScript files to be included in head. Removing any of +the default entries is not suggested. + +If you're a plugin author, refer to RT->AddJavaScript. + +=cut + +Set(@JSFiles, qw/ + jquery-1.4.2.min.js + jquery_noconflict.js + jquery-ui-1.8.4.custom.min.js + jquery-ui-timepicker-addon.js + jquery-ui-patch-datepicker.js + titlebox-state.js + util.js + userautocomplete.js + jquery.event.hover-1.0.js + superfish.js + supersubs.js + jquery.supposition.js + history-folding.js + late.js +/); + +=item C<$JSMinPath> + +Path to the jsmin binary; if specified, it will be used to minify +C. The default, and the fallback if the binary cannot be +found, is to simply concatenate the files. + +jsmin can be installed by running 'make jsmin' from the RT install +directory, or from http://www.crockford.com/javascript/jsmin.html + +=cut + +# Set($JSMinPath, "/path/to/jsmin"); + +=item C<@CSSFiles> + +A list of additional CSS files to be included in head. + +If you're a plugin author, refer to RT->AddStyleSheets. + +=cut + +Set(@CSSFiles, qw//); + +=item C<$UsernameFormat> + +This determines how user info is displayed. 'concise' will show one of +either NickName, RealName, Name or EmailAddress, depending on what +exists and whether the user is privileged or not. 'verbose' will show +RealName and EmailAddress. + +=cut + +Set($UsernameFormat, "verbose"); + +=item C<$WebBaseURL>, C<$WebURL> + +Usually you don't want to set these options. The only obvious reason +is if RT is accessible via https protocol on a non standard port, e.g. +'https://rt.example.com:9999'. In all other cases these options are +computed using C<$WebDomain>, C<$WebPort> and C<$WebPath>. + +C<$WebBaseURL> is the scheme, server and port +(e.g. 'http://rt.example.com') for constructing URLs to the web +UI. C<$WebBaseURL> doesn't need a trailing /. + +C<$WebURL> is the C<$WebBaseURL>, C<$WebPath> and trailing /, for +example: 'http://www.example.com/rt/'. + +=cut + +my $port = RT->Config->Get('WebPort'); +Set($WebBaseURL, + ($port == 443? 'https': 'http') .'://' + . RT->Config->Get('WebDomain') + . ($port != 80 && $port != 443? ":$port" : '') +); + +Set($WebURL, RT->Config->Get('WebBaseURL') . RT->Config->Get('WebPath') . "/"); + +=item C<$WebImagesURL> + +C<$WebImagesURL> points to the base URL where RT can find its images. +Define the directory name to be used for images in RT web documents. + +=cut + +Set($WebImagesURL, RT->Config->Get('WebPath') . "/NoAuth/images/"); + +=item C<$LogoURL> + +C<$LogoURL> points to the URL of the RT logo displayed in the web UI. +This can also be configured via the web UI. + +=cut + +Set($LogoURL, RT->Config->Get('WebImagesURL') . "bpslogo.png"); + +=item C<$LogoLinkURL> + +C<$LogoLinkURL> is the URL that the RT logo hyperlinks to. + +=cut + +Set($LogoLinkURL, "http://bestpractical.com"); + +=item C<$LogoAltText> + +C<$LogoAltText> is a string of text for the alt-text of the logo. It +will be passed through C for localization. + +=cut + +Set($LogoAltText, "Best Practical Solutions, LLC corporate logo"); + +=item C<$LogoImageHeight> + +C<$LogoImageHeight> is the value of the C attribute of the logo +C tag. + +=cut + +Set($LogoImageHeight, 38); + +=item C<$LogoImageWidth> + +C<$LogoImageWidth> is the value of the C attribute of the logo +C tag. + +=cut + +Set($LogoImageWidth, 181); + +=item C<$WebNoAuthRegex> + +What portion of RT's URL space should not require authentication. The +default is almost certainly correct, and should only be changed if you +are extending RT. + +=cut + +Set($WebNoAuthRegex, qr{^ /rt (?:/+NoAuth/ | /+REST/\d+\.\d+/NoAuth/) }x ); + +=item C<$SelfServiceRegex> + +What portion of RT's URLspace should be accessible to Unprivileged +users This does not override the redirect from F +to F when Unprivileged users attempt to +access ticked displays. + +=cut + +Set($SelfServiceRegex, qr!^(?:/+SelfService/)!x ); + +=item C<$WebFlushDbCacheEveryRequest> + +By default, RT clears its database cache after every page view. This +ensures that you've always got the most current information when +working in a multi-process (mod_perl or FastCGI) Environment. Setting +C<$WebFlushDbCacheEveryRequest> to 0 will turn this off, which will +speed RT up a bit, at the expense of a tiny bit of data accuracy. + +=cut + +Set($WebFlushDbCacheEveryRequest, 1); + +=item C<%ChartFont> + +The L module (which RT uses for graphs) ships with a built-in font +that doesn't have full Unicode support. You can use a given TrueType +font for a specific language by setting %ChartFont to (language =E +the absolute path of a font) pairs. Your GD library must have support +for TrueType fonts to use this option. If there is no entry for a +language in the hash then font with 'others' key is used. + +RT comes with two TrueType fonts covering most available languages. + +=cut + +Set( + %ChartFont, + 'zh-cn' => "$RT::BasePath/share/fonts/DroidSansFallback.ttf", + 'zh-tw' => "$RT::BasePath/share/fonts/DroidSansFallback.ttf", + 'ja' => "$RT::BasePath/share/fonts/DroidSansFallback.ttf", + 'others' => "$RT::BasePath/share/fonts/DroidSans.ttf", +); + +=item C<$ChartsTimezonesInDB> + +RT stores dates using the UTC timezone in the DB, so charts grouped by +dates and time are not representative. Set C<$ChartsTimezonesInDB> to 1 +to enable timezone conversions using your DB's capabilities. You may +need to do some work on the DB side to use this feature, read more in +F. + +At this time, this feature only applies to MySQL and PostgreSQL. + +=cut + +Set($ChartsTimezonesInDB, 0); + +=back + + + +=head2 Home page + +=over 4 + +=item C<$DefaultSummaryRows> + +C<$DefaultSummaryRows> is default number of rows displayed in for +search results on the front page. + +=cut + +Set($DefaultSummaryRows, 10); + +=item C<$HomePageRefreshInterval> + +C<$HomePageRefreshInterval> is default number of seconds to refresh +the RT home page. Choose from [0, 120, 300, 600, 1200, 3600, 7200]. + +=cut + +Set($HomePageRefreshInterval, 0); + +=item C<$HomepageComponents> + +C<$HomepageComponents> is an arrayref of allowed components on a +user's customized homepage ("RT at a glance"). + +=cut + +Set($HomepageComponents, [qw(QuickCreate Quicksearch MyCalendar MyAdminQueues MySupportQueues MyReminders RefreshHomepage Dashboards SavedSearches)]); + +=back + + + + +=head2 Ticket search + +=over 4 + +=item C<$UseSQLForACLChecks> + +Historically, ACLs were checked on display, which could lead to empty +search pages and wrong ticket counts. Set C<$UseSQLForACLChecks> to 1 +to limit search results in SQL instead, which eliminates these +problems. + +This option is still relatively new; it may result in performance +problems in some cases, or significant speedups in others. + +=cut + +Set($UseSQLForACLChecks, undef); + +=item C<$TicketsItemMapSize> + +On the display page of a ticket from search results, RT provides links +to the first, next, previous and last ticket from the results. In +order to build these links, RT needs to fetch the full result set from +the database, which can be resource-intensive. + +Set C<$TicketsItemMapSize> to number of tickets you want RT to examine +to build these links. If the full result set is larger than this +number, RT will omit the "last" link in the menu. Set this to zero to +always examine all results. + +=cut + +Set($TicketsItemMapSize, 1000); + +=item C<$SearchResultsRefreshInterval> + +C<$SearchResultsRefreshInterval> is default number of seconds to +refresh search results in RT. Choose from [0, 120, 300, 600, 1200, +3600, 7200]. + +=cut + +Set($SearchResultsRefreshInterval, 0); + +=item C<$DefaultSearchResultFormat> + +C<$DefaultSearchResultFormat> is the default format for RT search +results + +=cut + +Set ($DefaultSearchResultFormat, qq{ + '__id__/TITLE:#', + '__Subject__/TITLE:Subject', + Customer, + Status, + QueueName, + OwnerName, + Priority, + '__NEWLINE__', + '', + '__Requestors__', + '__CustomerTags__', + '__CreatedRelative__', + '__ToldRelative__', + '__LastUpdatedRelative__', + '__TimeLeft__'}); + +=item C<$DefaultSelfServiceSearchResultFormat> + +C<$DefaultSelfServiceSearchResultFormat> is the default format of +searches displayed in the SelfService interface. + +=cut + +Set($DefaultSelfServiceSearchResultFormat, qq{ + '__id__/TITLE:#', + '__Subject__/TITLE:Subject', + Status, + Requestors, + OwnerName}); + +=item C<%FullTextSearch> + +Full text search (FTS) without database indexing is a very slow +operation, and is thus disabled by default. + +Before setting C to 1, read F for +the full details of FTS on your particular database. + +It is possible to enable FTS without database indexing support, simply +by setting the C key to 1, while leaving C set to 0. +This is not generally suggested, as unindexed full-text searching can +cause severe performance problems. + +=cut + +Set(%FullTextSearch, + Enable => 0, + Indexed => 0, +); + + +=item C<$OnlySearchActiveTicketsInSimpleSearch> + +When query in simple search doesn't have status info, use this to only +search active ones. + +=cut + +Set($OnlySearchActiveTicketsInSimpleSearch, 1); + +=item C<$SearchResultsAutoRedirect> + +When only one ticket is found in search, use this to redirect to the +ticket display page automatically. + +=cut + +Set($SearchResultsAutoRedirect, 0); + +=back + + + +=head2 Ticket display + +=over 4 + +=item C<$ShowMoreAboutPrivilegedUsers> + +This determines if the 'More about requestor' box on +Ticket/Display.html is shown for Privileged Users. + +=cut + +Set($ShowMoreAboutPrivilegedUsers, 0); + +=item C<$MoreAboutRequestorTicketList> + +This can be set to Active, Inactive, All or None. It controls what +ticket list will be displayed in the 'More about requestor' box on +Ticket/Display.html. This option can be controlled by users also. + +=cut + +Set($MoreAboutRequestorTicketList, "Active"); -Set C to 'inline' to use inline encryption and -signatures instead of 'RFC' (GPG/MIME: RFC3156 and RFC1847) format. +=item C<$MoreAboutRequestorExtraInfo> -If you want to allow people to encrypt attachments inside the DB then -set C to true +By default, the 'More about requestor' box on Ticket/Display.html +shows the Requestor's name and ticket list. If you would like to see +extra information about the user, this expects a Format string of user +attributes. Please note that not all the attributes are supported in +this display because we're not building a table. -Set C to false if you don't want to reject -emails encrypted for key RT doesn't have and can not decrypt. +Example: +C -Set C to false if you don't want to reject letters -with incorrect GnuPG data. +=cut + +Set($MoreAboutRequestorExtraInfo, ""); + +=item C<$MoreAboutRequestorGroupsLimit> + +By default, the 'More about requestor' box on Ticket/Display.html +shows all the groups of the Requestor. Use this to limit the number +of groups; a value of undef removes the group display entirely. =cut -Set( %GnuPG, - Enable => @RT_GPG@, - OutgoingMessagesFormat => 'RFC', # Inline - AllowEncryptDataInDB => 0, +Set($MoreAboutRequestorGroupsLimit, 0); - RejectOnMissingPrivateKey => 1, - RejectOnBadData => 1, -); +=item C<$UseSideBySideLayout> -=item C<%GnuPGOptions> +Should the ticket create and update forms use a more space efficient +two column layout. This layout may not work in narrow browsers if you +set a MessageBoxWidth (below). + +=cut -Options of GnuPG program. +Set($UseSideBySideLayout, 1); -If you override this in your RT_SiteConfig, you should be sure -to include a homedir setting. +=item C<$EditCustomFieldsSingleColumn> -NOTE that options with '-' character MUST be quoted. +When displaying a list of Ticket Custom Fields for editing, RT +defaults to a 2 column list. If you set this to 1, it will instead +display the Custom Fields in a single column. =cut -Set(%GnuPGOptions, - homedir => '@RT_VAR_PATH@/data/gpg', +Set($EditCustomFieldsSingleColumn, 0); -# URL of a keyserver -# keyserver => 'hkp://subkeys.pgp.net', +=item C<$ShowUnreadMessageNotifications> -# enables the automatic retrieving of keys when encrypting -# 'auto-key-locate' => 'keyserver', +If set to 1, RT will prompt users when there are new, +unread messages on tickets they are viewing. -# enables the automatic retrieving of keys when verifying signatures -# 'auto-key-retrieve' => undef, -); +=cut + +Set($ShowUnreadMessageNotifications, 0); + +=item C<$AutocompleteOwners> + +If set to 1, the owner drop-downs for ticket update/modify and the query +builder are replaced by text fields that autocomplete. This can +alleviate the sometimes huge owner list for installations where many +users have the OwnTicket right. + +=cut + +Set($AutocompleteOwners, 0); + +=item C<$AutocompleteOwnersForSearch> + +If set to 1, the owner drop-downs for the query builder are always +replaced by text field that autocomplete and C<$AutocompleteOwners> +is ignored. Helpful when owners list is huge in the query builder. + +=cut + +Set($AutocompleteOwnersForSearch, 0); + +=item C<$UserAutocompleteFields> + +Specifies which fields of L to match against and how to +match each field when autocompleting users. Valid match methods are +LIKE, STARTSWITH, ENDSWITH, =, and !=. + +=cut + +Set($UserAutocompleteFields, { + EmailAddress => 'STARTSWITH', + Name => 'STARTSWITH', + RealName => 'LIKE', +}); + +=item C<$AllowUserAutocompleteForUnprivileged> + +Should unprivileged users be allowed to autocomplete users. Setting +this option to 1 means unprivileged users will be able to search all +your users. + +=cut + +Set($AllowUserAutocompleteForUnprivileged, 0); + +=item C<$DisplayTicketAfterQuickCreate> + +Enable this to redirect to the created ticket display page +automatically when using QuickCreate. + +=cut + +Set($DisplayTicketAfterQuickCreate, 0); + +=item C<$WikiImplicitLinks> + +Support implicit links in WikiText custom fields? Setting this to 1 +causes InterCapped or ALLCAPS words in WikiText fields to automatically +become links to searches for those words. If used on Articles, it links +to the Article with that name. + +=cut + +Set($WikiImplicitLinks, 0); +=item C<$PreviewScripMessages> + +Set C<$PreviewScripMessages> to 1 if the scrips preview on the ticket +reply page should include the content of the messages to be sent. + +=cut + +Set($PreviewScripMessages, 0); + +=item C<$SimplifiedRecipients> + +If C<$SimplifiedRecipients> is set, a simple list of who will receive +B kind of mail will be shown on the ticket reply page, instead of a +detailed breakdown by scrip. + +=cut + +Set($SimplifiedRecipients, 0); + +=item C<$HideResolveActionsWithDependencies> + +If set to 1, this option will skip ticket menu actions which can't be +completed successfully because of outstanding active Depends On tickets. + +By default, all ticket actions are displayed in the menu even if some of +them can't be successful until all Depends On links are resolved or +transitioned to another inactive status. + +=cut + +Set($HideResolveActionsWithDependencies, 0); =back -=head1 Logging Configuration -The default is to log anything except debugging -information to syslog. Check the L POD for -information about how to get things by syslog, mail or anything -else, get debugging info in the log, etc. -It might generally make sense to send error and higher by email to -some administrator. If you do this, be careful that this email -isn't sent to this RT instance. Mail loops will generate a critical -log message. +=head2 Articles =over 4 -=item C<$LogToSyslog>, C<$LogToScreen> +=item C<$ArticleOnTicketCreate> -The minimum level error that will be logged to the specific device. -From lowest to highest priority, the levels are: - debug info notice warning error critical alert emergency +Set this to 1 to display the Articles interface on the Ticket Create +page in addition to the Reply/Comment page. =cut -Set($LogToSyslog , 'info'); -Set($LogToScreen , 'info'); +Set($ArticleOnTicketCreate, 0); -=item C<$LogToFile>, C<$LogDir>, C<$LogToFileNamed> +=item C<$HideArticleSearchOnReplyCreate> -Logging to a standalone file is also possible, but note that the -file should needs to both exist and be writable by all direct users -of the RT API. This generally include the web server, whoever -rt-crontool runs as. Note that as rt-mailgate and the RT CLI go -through the webserver, so their users do not need to have write -permissions to this file. If you expect to have multiple users of -the direct API, Best Practical recommends using syslog instead of -direct file logging. +Set this to 1 to hide the search and include boxes from the Article +UI. This assumes you have enabled Article Hotlist feature, otherwise +you will have no access to Articles. =cut -Set($LogToFile , undef); -Set($LogDir, '@RT_LOG_PATH@'); -Set($LogToFileNamed , "rt.log"); #log to rt.log +Set($HideArticleSearchOnReplyCreate, 0); -=item C<$LogStackTraces> +=back -If set to a log level then logging will include stack traces for -messages with level equal to or greater than specified. -NOTICE: Stack traces include parameters supplied to functions or -methods. It is possible for stack trace logging to reveal sensitive -information such as passwords or ticket content in your logs. + +=head2 Message box properties + +=over 4 + +=item C<$MessageBoxWidth>, C<$MessageBoxHeight> + +For message boxes, set the entry box width, height and what type of +wrapping to use. These options can be overridden by users in their +preferences. + +When the width is set to undef, no column count is specified and the +message box will take up 100% of the available width. Combining this +with HARD messagebox wrapping (below) is not recommended, as it will +lead to inconsistent width in transactions between browsers. + +These settings only apply to the non-RichText message box. See below +for Rich Text settings. =cut -Set($LogStackTraces, ''); +Set($MessageBoxWidth, undef); +Set($MessageBoxHeight, 15); -=item C<@LogToSyslogConf> +=item C<$MessageBoxWrap> -On Solaris or UnixWare, set to ( socket => 'inet' ). Options here -override any other options RT passes to L. -Other interesting flags include facility and logopt. (See the -L documentation for more information.) (Maybe -ident too, if you have multiple RT installations.) +Wrapping is disabled when using MessageBoxRichText because of a bad +interaction between IE and wrapping with the Rich Text Editor. =cut -Set(@LogToSyslogConf, ()); +Set($MessageBoxWrap, "SOFT"); -=item C<$StatementLog>, +=item C<$MessageBoxRichText> -RT has rudimentary SQL statement logging support if you have -DBIx-SearchBuilder 1.31_1 or higher; simply set C<$StatementLog> to be -the level that you wish SQL statements to be logged at. +Should "rich text" editing be enabled? This option lets your users +send HTML email messages from the web interface. =cut -Set($StatementLog, undef); +Set($MessageBoxRichText, 1); + +=item C<$MessageBoxRichTextHeight> + +Height of rich text JavaScript enabled editing boxes (in pixels) + +=cut + +Set($MessageBoxRichTextHeight, 200); + +=item C<$MessageBoxIncludeSignature> + +Should your users' signatures (from their Preferences page) be +included in Comments and Replies. + +=cut + +Set($MessageBoxIncludeSignature, 1); + +=item C<$MessageBoxIncludeSignatureOnComment> + +Should your users' signatures (from their Preferences page) be +included in Comments. Setting this to false overrides +C<$MessageBoxIncludeSignature>. + +=cut + +Set($MessageBoxIncludeSignatureOnComment, 1); =back -=head1 Web Interface Configuration + +=head2 Transaction display =over 4 -=item C<$WebDefaultStylesheet> +=item C<$OldestTransactionsFirst> -This determines the default stylesheet the RT web interface will use. -RT ships with several themes by default: +By default, RT shows newest transactions at the bottom of the ticket +history page, if you want see them at the top set this to 0. This +option can be overridden by users in their preferences. - web2 The totally new, default layout for RT 3.8 - 3.5-default RT 3.5 and 3.6 original layout - 3.4-compat A 3.4 compatibility stylesheet to make RT look - (mostly) like 3.4 +=cut -This bundled distibution of RT also includes (enabled by default): - freeside2.1 Integration with Freeside +Set($OldestTransactionsFirst, 1); -This value actually specifies a directory in F -from which RT will try to load the file main.css (which should -@import any other files the stylesheet needs). This allows you to -easily and cleanly create your own stylesheets to apply to RT. This -option can be overridden by users in their preferences. +=item C<$DeferTransactionLoading> + +When set, defers loading ticket history until the user clicks a link. +This should end up serving pages to users quicker, since generating +all the HTML for transaction history can be slow for long tickets. =cut -Set($WebDefaultStylesheet, 'freeside2.1'); +# Set($DeferTransactionLoading, 1); -=item C<$UsernameFormat> +=item C<$ShowBccHeader> -This determines how user info is displayed. 'concise' will show one of -either NickName, RealName, Name or EmailAddress, depending on what exists -and whether the user is privileged or not. 'verbose' will show RealName and -EmailAddress. +By default, RT hides from the web UI information about blind copies +user sent on reply or comment. =cut -Set($UsernameFormat, 'concise'); +Set($ShowBccHeader, 0); -=item C<$WebDomain> +=item C<$TrustHTMLAttachments> -Domain name of the RT server, eg 'www.example.com'. It should not contain -anything else, but server name. +If C is not defined, we will display them as +text. This prevents malicious HTML and JavaScript from being sent in a +request (although there is probably more to it than that) =cut -Set( $WebDomain, 'localhost' ); +Set($TrustHTMLAttachments, undef); -=item C<$WebPort> +=item C<$AlwaysDownloadAttachments> -If we're running as a superuser, run on port 80 -Otherwise, pick a high port for this user. +Always download attachments, regardless of content type. If set, this +overrides C. -443 is default port for https protocol. +=cut + +Set($AlwaysDownloadAttachments, undef); + +=item C<$AttachmentUnits> + +Controls the units (kilobytes or bytes) that attachment sizes use for +display. The default is to display kilobytes if the attachment is +larger than 1024 bytes, bytes otherwise. If you set +C<$AttachmentUnits> to C<'k'> then attachment sizes will always be +displayed in kilobytes. If set to C<'b'>, then sizes will be bytes. =cut -Set($WebPort, 80);# + ($< * 7274) % 32766 + ($< && 1024)); +Set($AttachmentUnits, undef); -=item C<$WebPath> +=item C<$PreferRichText> + +If C<$PreferRichText> is set to 1, RT will show HTML/Rich text messages +in preference to their plain-text alternatives. RT "scrubs" the HTML to +show only a minimal subset of HTML to avoid possible contamination by +cross-site-scripting attacks. + +=cut -If you're putting the web ui somewhere other than at the root of -your server, you should set C<$WebPath> to the path you'll be -serving RT at. +Set($PreferRichText, undef); -C<$WebPath> requires a leading / but no trailing /, or it can be blank. +=item C<$MaxInlineBody> -In most cases, you should leave C<$WebPath> set to '' (an empty value). +C<$MaxInlineBody> is the maximum attachment size that we want to see +inline when viewing a transaction. RT will inline any text if the +value is undefined or 0. This option can be overridden by users in +their preferences. =cut -Set($WebPath, ""); +Set($MaxInlineBody, 12000); -=item C<$WebBaseURL>, C<$WebURL> +=item C<$ShowTransactionImages> -Usually you don't want to set these options. The only obviouse reason is -RT accessible via https protocol on non standard port, eg -'https://rt.example.com:9999'. In all other cases these options are computed -using C<$WebDomain>, C<$WebPort> and C<$WebPath>. +By default, RT shows images attached to incoming (and outgoing) ticket +updates inline. Set this variable to 0 if you'd like to disable that +behavior. + +=cut + +Set($ShowTransactionImages, 1); -C<$WebBaseURL> is the scheme, server and port (eg 'http://rt.example.com') -for constructing urls to the web UI. C<$WebBaseURL> doesn't need a trailing /. +=item C<$PlainTextPre> -C<$WebURL> is the C<$WebBaseURL>, C<$WebPath> and trailing /, for example: -'http://www.example.com/rt/'. +Normally plaintext attachments are displayed as HTML with line breaks +preserved. This causes space- and tab-based formatting not to be +displayed correctly. By setting $PlainTextPre messages will be +displayed using 
.
 
 =cut
 
-my $port = RT->Config->Get('WebPort');
-Set($WebBaseURL,
-    ($port == 443? 'https': 'http') .'://'
-    . RT->Config->Get('WebDomain')
-    . ($port != 80 && $port != 443? ":$port" : '')
-);
+Set($PlainTextPre, 0);
 
-Set($WebURL, RT->Config->Get('WebBaseURL') . RT->Config->Get('WebPath') . "/");
 
-=item C<$WebImagesURL>
+=item C<$PlainTextMono>
 
-C<$WebImagesURL> points to the base URL where RT can find its images.
-Define the directory name to be used for images in rt web
-documents.
+Set C<$PlainTextMono> to 1 to use monospaced font and preserve
+formatting; unlike C<$PlainTextPre>, the text will wrap to fit width
+of the browser window; this option overrides C<$PlainTextPre>.
 
 =cut
 
-Set($WebImagesURL, RT->Config->Get('WebPath') . "/NoAuth/images/");
+Set($PlainTextMono, 0);
 
-=item C<$LogoURL>
+=item C<$SuppressInlineTextFiles>
 
-C<$LogoURL> points to the URL of the RT logo displayed in the web UI
+If C<$SuppressInlineTextFiles> is set to 1, then uploaded text files
+(text-type attachments with file names) are prevented from being
+displayed in-line when viewing a ticket's history.
 
 =cut
 
-Set($LogoURL, RT->Config->Get('WebImagesURL') . "bplogo.gif");
+Set($SuppressInlineTextFiles, undef);
 
-=item C<$WebNoAuthRegex>
 
-What portion of RT's URL space should not require authentication.
+=item C<@Active_MakeClicky>
+
+MakeClicky detects various formats of data in headers and email
+messages, and extends them with supporting links.  By default, RT
+provides two formats:
+
+* 'httpurl': detects http:// and https:// URLs and adds '[Open URL]'
+  link after the URL.
+
+* 'httpurl_overwrite': also detects URLs as 'httpurl' format, but
+  replaces the URL with a link.
 
-This is mostly for extension and doesn't mean RT will work without
-login if you change it.
+See F for documentation on how to add
+your own styles of link detection.
 
 =cut
 
-Set($WebNoAuthRegex, qr{^ /rt (?:/+NoAuth/ | /+REST/\d+\.\d+/NoAuth/) }x );
+Set(@Active_MakeClicky, qw());
 
-=item C<$SelfServiceRegex>
+=back
 
-What portion of RT's URLspace should be accessible to Unprivileged users
-This does not override the redirect from F to
-F when Unprivileged users attempt to access
-ticked displays
+
+
+=head1 Application logic
+
+=over 4
+
+=item C<$ParseNewMessageForTicketCcs>
+
+If C<$ParseNewMessageForTicketCcs> is set to 1, RT will attempt to
+divine Ticket 'Cc' watchers from the To and Cc lines of incoming
+messages.  Be forewarned that if you have I addresses which forward
+mail to RT automatically and you enable this option without modifying
+C<$RTAddressRegexp> below, you will get yourself into a heap of trouble.
 
 =cut
 
-Set($SelfServiceRegex, qr!^(?:/+SelfService/)!x );
+Set($ParseNewMessageForTicketCcs, undef);
 
-=item C<$MessageBoxWidth>, C<$MessageBoxHeight>
+=item C<$UseTransactionBatch>
 
-For message boxes, set the entry box width, height and what type of
-wrapping to use.  These options can be overridden by users in their
-preferences.
+Set C<$UseTransactionBatch> to 1 to execute transactions in batches,
+such that a resolve and comment (for example) would happen
+simultaneously, instead of as two transactions, unaware of each
+others' existence.
+
+=cut
 
-Default width: 72, height: 15
+Set($UseTransactionBatch, 1);
+
+=item C<$StrictLinkACL>
 
-These settings only apply to the non-RichText message box.
-See below for Rich Text settings.
+When this feature is enabled a user needs I rights on
+both tickets to link them together; otherwise, I rights
+on either of them is sufficient.
 
 =cut
 
-Set($MessageBoxWidth, 72);
-Set($MessageBoxHeight, 15);
+Set($StrictLinkACL, 1);
 
-=item C<$MessageBoxWrap>
+=item C<$RedistributeAutoGeneratedMessages>
+
+Should RT redistribute correspondence that it identifies as machine
+generated?  A 1 will do so; setting this to 0 will cause no
+such messages to be redistributed.  You can also use 'privileged' (the
+default), which will redistribute only to privileged users. This helps
+to protect against malformed bounces and loops caused by auto-created
+requestors with bogus addresses.
+
+=cut
+
+Set($RedistributeAutoGeneratedMessages, "privileged");
+
+=item C<$ApprovalRejectionNotes>
+
+Should rejection notes from approvals be sent to the requestors?
+
+=cut
+
+Set($ApprovalRejectionNotes, 1);
+
+=item C<$ForceApprovalsView>
+
+Should approval tickets only be viewed and modified through the standard
+approval interface?  Changing this setting to 1 will redirect any attempt to
+use the normal ticket display and modify page for approval tickets.
 
-Default wrapping: "HARD"  (choices "SOFT", "HARD")
+For example, with this option set to 1 and an approval ticket #123:
 
-Wrapping is disabled when using MessageBoxRichText because
-of a bad interaction between IE and wrapping with the Rich
-Text Editor.
+    /Ticket/Display.html?id=123
+
+is redirected to
+
+    /Approval/Display.html?id=123
+
+=back
 
 =cut
 
-Set($MessageBoxWrap, "HARD");
+Set($ForceApprovalsView, 0);
+
+=head1 Extra security
+
+This is a list of extra security measures to enable that help keep your RT
+safe.  If you don't know what these mean, you should almost certainly leave the
+defaults alone.
+
+=over 4
 
-=item C<$MessageBoxRichText>
+=item C<$DisallowExecuteCode>
 
-Should "rich text" editing be enabled? This option lets your users send html email messages from the web interface.
+If set to a true value, the C right will be removed from
+all users, B the superuser.  This is intended for when RT is
+installed into a shared environment where even the superuser should not
+be allowed to run arbitrary Perl code on the server via scrips.
 
 =cut
 
-Set($MessageBoxRichText, 1);
+Set($DisallowExecuteCode, 0);
 
-=item C<$MessageBoxRichTextHeight>
+=item C<$Framebusting>
 
-Height of RichText javascript enabled editing boxes (in pixels)
+If set to a false value, framekiller javascript will be disabled and the
+X-Frame-Options: DENY header will be suppressed from all responses.
+This disables RT's clickjacking protection.
 
 =cut
 
-Set($MessageBoxRichTextHeight, 200);
+Set($Framebusting, 1);
 
-=item C<$MessageBoxIncludeSignature>
+=item C<$RestrictReferrer>
 
-Should your user's signatures (from their Preferences page) be included in Comments and Replies
+If set to a false value, the HTTP C (sic) header will not be
+checked to ensure that requests come from RT's own domain.  As RT allows
+for GET requests to alter state, disabling this opens RT up to
+cross-site request forgery (CSRF) attacks.
 
 =cut
 
-Set($MessageBoxIncludeSignature, 1);
+Set($RestrictReferrer, 1);
 
-=item C<$WikiImplicitLinks>
+=item C<$RestrictLoginReferrer>
 
-Support implicit links in WikiText custom fields?  A true value
-causes InterCapped or ALLCAPS words in WikiText fields to
-automatically become links to searches for those words.  If used on
-RTFM articles, it links to the RTFM article with that name.
+If set to a false value, RT will allow the user to log in from any link
+or request, merely by passing in C and C parameters; setting
+it to a true value forces all logins to come from the login box, so the
+user is aware that they are being logged in.  The default is off, for
+backwards compatability.
 
 =cut
 
-Set($WikiImplicitLinks, 0);
+Set($RestrictLoginReferrer, 0);
 
-=item C<$TrustHTMLAttachments>
+=item C<@ReferrerWhitelist>
 
-if C is not defined, we will display them
-as text. This prevents malicious HTML and javascript from being
-sent in a request (although there is probably more to it than that)
+This is a list of hostname:port combinations that RT will treat as being
+part of RT's domain. This is particularly useful if you access RT as
+multiple hostnames or have an external auth system that needs to
+redirect back to RT once authentication is complete.
 
-=cut
+ Set(@ReferrerWhitelist, qw(www.example.com:443  www3.example.com:80));
 
-Set($TrustHTMLAttachments, undef);
+If the "RT has detected a possible cross-site request forgery" error is triggered
+by a host:port sent by your browser that you believe should be valid, you can copy
+the host:port from the error message into this list.
 
-=item C<$RedistributeAutoGeneratedMessages>
+Simple wildcards, similar to SSL certificates, are allowed.  For example:
 
-Should RT redistribute correspondence that it identifies as
-machine generated? A true value will do so; setting this to '0'
-will cause no such messages to be redistributed.
-You can also use 'privileged' (the default), which will redistribute
-only to privileged users. This helps to protect against malformed
-bounces and loops caused by autocreated requestors with bogus addresses.
+    *.example.com:80    # matches foo.example.com
+                        # but not example.com
+                        #      or foo.bar.example.com
+
+    www*.example.com:80 # matches www3.example.com
+                        #     and www-test.example.com
+                        #     and www.example.com
 
 =cut
 
-Set($RedistributeAutoGeneratedMessages, 'privileged');
+Set(@ReferrerWhitelist, qw());
 
-=item C<$PreferRichText>
+=back
 
-If C<$PreferRichText> is set to a true value, RT will show HTML/Rich text
-messages in preference to their plaintext alternatives. RT "scrubs" the 
-html to show only a minimal subset of HTML to avoid possible contamination
-by cross-site-scripting attacks.
 
-=cut
 
-Set($PreferRichText, undef);
+=head1 Authorization and user configuration
+
+=over 4
 
 =item C<$WebExternalAuth>
 
@@ -1010,9 +1865,9 @@ Set($WebExternalAuth, undef);
 
 If C<$WebExternalAuthContinuous> is defined, RT will check for the
 REMOTE_USER on each access.  If you would prefer this to only happen
-once (at initial login) set this to a false value.  The default setting
-will help ensure that if your external auth system deauthenticates a
-user, RT notices as soon as possible.
+once (at initial login) set this to a false value.  The default
+setting will help ensure that if your external authentication system
+deauthenticates a user, RT notices as soon as possible.
 
 =cut
 
@@ -1020,37 +1875,37 @@ Set($WebExternalAuthContinuous, 1);
 
 =item C<$WebFallbackToInternalAuth>
 
-If C<$WebFallbackToInternalAuth> is defined, the user is allowed a chance
-of fallback to the login screen, even if REMOTE_USER failed.
+If C<$WebFallbackToInternalAuth> is defined, the user is allowed a
+chance of fallback to the login screen, even if REMOTE_USER failed.
 
 =cut
 
-Set($WebFallbackToInternalAuth , undef);
+Set($WebFallbackToInternalAuth, undef);
 
 =item C<$WebExternalGecos>
 
-C<$WebExternalGecos> means to match 'gecos' field as the user identity);
-useful with mod_auth_pwcheck and IIS Integrated Windows logon.
+C<$WebExternalGecos> means to match 'gecos' field as the user
+identity); useful with mod_auth_pwcheck and IIS Integrated Windows
+logon.
 
 =cut
 
-Set($WebExternalGecos , undef);
+Set($WebExternalGecos, undef);
 
 =item C<$WebExternalAuto>
 
-C<$WebExternalAuto> will create users under the same name as REMOTE_USER
-upon login, if it's missing in the Users table.
+C<$WebExternalAuto> will create users under the same name as
+REMOTE_USER upon login, if it's missing in the Users table.
 
 =cut
 
-Set($WebExternalAuto , undef);
+Set($WebExternalAuto, undef);
 
 =item C<$AutoCreate>
 
-If C<$WebExternalAuto> is true, C<$AutoCreate> will be passed to User's
-Create method.  Use it to set defaults, such as creating 
-Unprivileged users with C<{ Privileged => 0 }>
-( Must be a hashref of arguments )
+If C<$WebExternalAuto> is set to 1, C<$AutoCreate> will be passed to
+User's Create method.  Use it to set defaults, such as creating
+Unprivileged users with C<{ Privileged => 0 }> This must be a hashref.
 
 =cut
 
@@ -1058,566 +1913,842 @@ Set($AutoCreate, undef);
 
 =item C<$WebSessionClass>
 
-C<$WebSessionClass> is the class you wish to use for managing Sessions.
-It defaults to use your SQL database, but if you are using MySQL 3.x and
-plans to use non-ascii Queue names, uncomment and add this line to
-F will prevent session corruption.
+C<$WebSessionClass> is the class you wish to use for managing sessions.
+It defaults to use your SQL database, except on Oracle, where it
+defaults to files on disk.
 
 =cut
 
-# Set($WebSessionClass , 'Apache::Session::File');
+# Set($WebSessionClass, "Apache::Session::File");
 
 =item C<$AutoLogoff>
 
-By default, RT's user sessions persist until a user closes his or her 
-browser. With the C<$AutoLogoff> option you can setup session lifetime in 
-minutes. A user will be logged out if he or she doesn't send any requests 
-to RT for the defined time.
+By default, RT's user sessions persist until a user closes his or her
+browser. With the C<$AutoLogoff> option you can setup session lifetime
+in minutes. A user will be logged out if he or she doesn't send any
+requests to RT for the defined time.
 
 =cut
 
 Set($AutoLogoff, 0);
 
-=item C<$WebSecureCookies>
+=item C<$LogoutRefresh>
 
-By default, RT's session cookie isn't marked as "secure" Some web browsers 
-will treat secure cookies more carefully than non-secure ones, being careful
-not to write them to disk, only send them over an SSL secured connection 
-and so on. To enable this behaviour, set C<$WebSecureCookies> to a true value. 
-NOTE: You probably don't want to turn this on _unless_ users are only connecting
-via SSL encrypted HTTP connections.
+The number of seconds to wait after logout before sending the user to
+the login page. By default, 1 second, though you may want to increase
+this if you display additional information on the logout page.
 
 =cut
 
-Set($WebSecureCookies, 0);
+Set($LogoutRefresh, 1);
 
-=item C<$WebFlushDbCacheEveryRequest>
+=item C<$WebSecureCookies>
 
-By default, RT clears its database cache after every page view.
-This ensures that you've always got the most current information 
-when working in a multi-process (mod_perl or FastCGI) Environment
-Setting C<$WebFlushDbCacheEveryRequest> to '0' will turn this off,
-which will speed RT up a bit, at the expense of a tiny bit of data 
-accuracy.
+By default, RT's session cookie isn't marked as "secure". Some web
+browsers will treat secure cookies more carefully than non-secure
+ones, being careful not to write them to disk, only sending them over
+an SSL secured connection, and so on. To enable this behavior, set
+C<$WebSecureCookies> to 1.  NOTE: You probably don't want to turn this
+on I users are only connecting via SSL encrypted HTTPS
+connections.
 
 =cut
 
-Set($WebFlushDbCacheEveryRequest, '1');
-
+Set($WebSecureCookies, 0);
 
-=item C<$MaxInlineBody>
+=item C<$WebHttpOnlyCookies>
 
-C<$MaxInlineBody> is the maximum attachment size that we want to see
-inline when viewing a transaction.  RT will inline any text if value
-is undefined or 0.  This option can be overridden by users in their
-preferences.
+Default RT's session cookie to not being directly accessible to
+javascript.  The content is still sent during regular and AJAX requests,
+and other cookies are unaffected, but the session-id is less
+programmatically accessible to javascript.  Turning this off should only
+be necessary in situations with odd client-side authentication
+requirements.
 
 =cut
 
-Set($MaxInlineBody, 12000);
+Set($WebHttpOnlyCookies, 1);
 
-=item C<$DefaultSummaryRows>
+=item C<$MinimumPasswordLength>
 
-C<$DefaultSummaryRows> is default number of rows displayed in for search
-results on the frontpage.
+C<$MinimumPasswordLength> defines the minimum length for user
+passwords. Setting it to 0 disables this check.
 
 =cut
 
-Set($DefaultSummaryRows, 10);
+Set($MinimumPasswordLength, 5);
 
-=item C<$HomePageRefreshInterval>
+=back
 
-C<$HomePageRefreshInterval> is default number of seconds to refresh the RT
-home page. Choose from [0, 120, 300, 600, 1200, 3600, 7200].
 
-=cut
+=head1 Internationalization
 
-Set($HomePageRefreshInterval, 0);
+=over 4
 
-=item C<$SearchResultsRefreshInterval>
+=item C<@LexiconLanguages>
 
-C<$SearchResultsRefreshInterval> is default number of seconds to refresh
-search results in RT. Choose from [0, 120, 300, 600, 1200, 3600, 7200].
+An array that contains languages supported by RT's
+internationalization interface.  Defaults to all *.po lexicons;
+setting it to C will make RT bilingual instead of
+multilingual, but will save some memory.
 
 =cut
 
-Set($SearchResultsRefreshInterval, 0);
+Set(@LexiconLanguages, qw(*));
 
-=item C<$OldestTransactionsFirst>
+=item C<@EmailInputEncodings>
 
-By default, RT shows newest transactions at the bottom of the ticket
-history page, if you want see them at the top set this to '0'.  This
-option can be overridden by users in their preferences.
+An array that contains default encodings used to guess which charset
+an attachment uses, if it does not specify one explicitly.  All
+options must be recognized by L.  The first element may
+also be '*', which enables encoding detection using
+L, if installed.
 
 =cut
 
-Set($OldestTransactionsFirst, '1');
+Set(@EmailInputEncodings, qw(utf-8 iso-8859-1 us-ascii));
 
-=item C<$ShowTransactionImages>
+=item C<$EmailOutputEncoding>
 
-By default, RT shows images attached to incoming (and outgoing) ticket updates
-inline. Set this variable to 0 if you'd like to disable that behaviour
+The charset for localized email.  Must be recognized by Encode.
 
 =cut
 
-Set($ShowTransactionImages, 1);
+Set($EmailOutputEncoding, "utf-8");
 
-=item C<$PlainTextPre>
+=back
 
-Normally plaintext attachments are displayed as HTML with line
-breaks preserved.  This causes space- and tab-based formatting not
-to be displayed correctly.  By setting $PlainTextPre they'll be
-displayed using 
 instead so such formatting works, but they'll
-use a monospaced font, no matter what the value of C<$PlainTextMono> is.
 
-=cut
 
-Set($PlainTextPre, 0);
 
 
-=item C<$PlainTextMono> 
-To display plaintext attachments,
-Set C<$PlainTextMono> to 1 to use monospaced font and preserve
-formatting, but unlike PlainTextPre, the text will wrap to fit into the
-UI.
 
-=cut
 
-Set($PlainTextMono, 0);
+=head1 Date and time handling
 
-=item C<$ShowUnreadMessageNotifications>
+=over 4
+
+=item C<$DateTimeFormat>
 
-By default, RT will prompt users when there are new, unread messages on
-tickets they are viewing.
+You can choose date and time format.  See the "Output formatters"
+section in perldoc F for more options.  This option
+can be overridden by users in their preferences.
 
-Set C<$ShowUnreadMessageNotifications> to a false value to disable this feature.
+Some examples:
+
+C
+C "ISO", Seconds => 0 });>
+C
+C "RFC2822", Seconds => 0, DayOfWeek => 0 });>
 
 =cut
 
-Set($ShowUnreadMessageNotifications, 1);
+Set($DateTimeFormat, "DefaultFormat");
 
+# Next two options are for Time::ParseDate
 
-=item C<$HomepageComponents>
+=item C<$DateDayBeforeMonth>
 
-C<$HomepageComponents> is an arrayref of allowed components on a user's
-customized homepage ("RT at a glance").
+Set this to 1 if your local date convention looks like "dd/mm/yy"
+instead of "mm/dd/yy". Used only for parsing, not for displaying
+dates.
 
 =cut
 
-Set($HomepageComponents, [qw(QuickCreate Quicksearch MyAdminQueues MySupportQueues MyReminders RefreshHomepage Dashboards)]);
+Set($DateDayBeforeMonth, 1);
 
-=item C<@MasonParameters>
+=item C<$AmbiguousDayInPast>, C<$AmbiguousDayInFuture>
 
-C<@MasonParameters> is the list of parameters for the constructor of
-HTML::Mason's Apache or CGI Handler.  This is normally only useful
-for debugging, eg. profiling individual components with:
+Should an unspecified day or year in a date refer to a future or a
+past value? For example, should a date of "Tuesday" default to mean
+the date for next Tuesday or last Tuesday? Should the date "March 1"
+default to the date for next March or last March?
 
-    use MasonX::Profiler; # available on CPAN
-    Set(@MasonParameters, (preamble => 'my $p = MasonX::Profiler->new($m, $r);'));
+Set C<$AmbiguousDayInPast> for the last date, or
+C<$AmbiguousDayInFuture> for the next date; the default is usually
+correct.  If both are set, C<$AmbiguousDayInPast> takes precedence.
 
 =cut
 
-Set(@MasonParameters, ());
+Set($AmbiguousDayInPast, 0);
+Set($AmbiguousDayInFuture, 0);
 
-=item C<$DefaultSearchResultFormat>
+=item C<$DefaultTimeUnitsToHours>
 
-C<$DefaultSearchResultFormat> is the default format for RT search results
+Use this to set the default units for time entry to hours instead of
+minutes.  Note that this only effects entry, not display.
 
 =cut
 
-Set ($DefaultSearchResultFormat, qq{
-   '__id__/TITLE:#',
-   '__Subject__/TITLE:Subject',
-   Status,
-   QueueName, 
-   OwnerName, 
-   Priority, 
-   '__NEWLINE__',
-   '', 
-   '__Requestors__',
-   '__CreatedRelative__',
-   '__ToldRelative__',
-   '__LastUpdatedRelative__',
-   '__TimeLeft__'});
+Set($DefaultTimeUnitsToHours, 0);
 
-=item C<$DefaultSelfServiceSearchResultFormat>
+=item C<$SimpleSearchIncludeResolved>
 
-C<$DefaultSelfServiceSearchResultFormat> is the default format of searches displayed in the 
-SelfService interface.
+By default, the simple ticket search in the top bar excludes "resolved" tickets
+unless a status argument is specified.  Set this to a true value to include 
+them.
 
 =cut
 
-Set($DefaultSelfServiceSearchResultFormat, qq{
-   '__id__/TITLE:#',
-   '__Subject__/TITLE:Subject',
-   Status,
-   Requestors,
-   OwnerName});
+Set($SimpleSearchIncludeResolved, 0);
 
-=item C<$SuppressInlineTextFiles>
+=back
 
-If C<$SuppressInlineTextFiles> is set to a true value, then uploaded
-text files (text-type attachments with file names) are prevented
-from being displayed in-line when viewing a ticket's history.
 
-=cut
 
-Set($SuppressInlineTextFiles, undef);
 
-=item C<$DontSearchFileAttachments>
+=head1 GnuPG integration
 
-If C<$DontSearchFileAttachments> is set to a true value, then uploaded
-files (attachments with file names) are not searched during full-content
-ticket searches.
+A full description of the (somewhat extensive) GnuPG integration can
+be found by running the command `perldoc L` (or
+`perldoc lib/RT/Crypt/GnuPG.pm` from your RT install directory).
 
-=cut
+=over 4
 
-Set($DontSearchFileAttachments, undef);
+=item C<%GnuPG>
 
-=item C<$ChartFont>
+Set C to 'inline' to use inline encryption and
+signatures instead of 'RFC' (GPG/MIME: RFC3156 and RFC1847) format.
 
-The L module (which RT uses for graphs) uses a builtin font that doesn't
-have full Unicode support. You can use a particular TrueType font by setting
-$ChartFont to the absolute path of that font. Your GD library must have
-support for TrueType fonts to use this option.
+If you want to allow people to encrypt attachments inside the DB then
+set C to 1.
 
-=cut
+Set C to false if you don't want to reject
+emails encrypted for key RT doesn't have and can not decrypt.
 
-Set($ChartFont, undef);
+Set C to false if you don't want to reject letters
+with incorrect GnuPG data.
 
+=cut
 
-=item C<@Active_MakeClicky>
+Set(%GnuPG,
+    Enable => @RT_GPG@,
+    OutgoingMessagesFormat => "RFC", # Inline
+    AllowEncryptDataInDB   => 0,
 
-MakeClicky detects various formats of data in headers and email
-messages, and extends them with supporting links.  By default, RT
-provides two formats:
+    RejectOnMissingPrivateKey => 1,
+    RejectOnBadData           => 1,
+);
 
-* 'httpurl': detects http:// and https:// URLs and adds '[Open URL]'
-  link after the URL.
+=item C<%GnuPGOptions>
 
-* 'httpurl_overwrite': also detects URLs as 'httpurl' format, but
-  replace URL with link and *adds spaces* into text if it's longer
-  then 30 chars. This allow browser to wrap long URLs and avoid
-  horizontal scrolling.
+Options to pass to the GnuPG program.
 
-See F for documentation on how to add your own.
+If you override this in your RT_SiteConfig, you should be sure to
+include a homedir setting.
 
-=cut
+Note that options with '-' character MUST be quoted.
 
-Set(@Active_MakeClicky, qw());
+=cut
 
-=item C<$DefaultQueue>
+Set(%GnuPGOptions,
+    homedir => q{@RT_VAR_PATH@/data/gpg},
 
-Use this to select the default queue name that will be used for creating new
-tickets. You may use either the queue's name or its ID. This only affects the
-queue selection boxes on the web interface.
+# URL of a keyserver
+#    keyserver => 'hkp://subkeys.pgp.net',
 
-=cut
+# enables the automatic retrieving of keys when encrypting
+#    'auto-key-locate' => 'keyserver',
 
-#Set($DefaultQueue, 'General');
+# enables the automatic retrieving of keys when verifying signatures
+#    'auto-key-retrieve' => undef,
+);
 
-=item C<$DefaultTimeUnitsToHours>
+=back
 
-Use this to set the default units for time entry to hours instead of minutes.
 
-=cut
 
-Set($DefaultTimeUnitsToHours, 0);
+=head1 Lifecycles
 
-=back
+=head2 Lifecycle definitions
 
-=head1 L (rt-server) Configuration
+Each lifecycle is a list of possible statuses split into three logic
+sets: B, B and B. Each status in a
+lifecycle must be unique. (Statuses may not be repeated across sets.)
+Each set may have any number of statuses.
 
-=over 4
+For example:
 
-=item C<$StandaloneMinServers>, C<$StandaloneMaxServers>
+    default => {
+        initial  => ['new'],
+        active   => ['open', 'stalled'],
+        inactive => ['resolved', 'rejected', 'deleted'],
+        ...
+    },
 
-The absolute minimum and maximum number of servers that will be created to
-handle requests. Having multiple servers means that serving a slow page will
-affect other users less.
+Status names can be from 1 to 64 ASCII characters.  Statuses are
+localized using RT's standard internationalization and localization
+system.
 
-=cut
+=over 4
 
-Set($StandaloneMinServers, 1);
-Set($StandaloneMaxServers, 1);
+=item initial
 
-=item C<$StandaloneMinSpareServers>, C<$StandaloneMaxSpareServers>
+You can define multiple B statuses for tickets in a given
+lifecycle.
 
-These next two options can be used to scale up and down the number of servers
-to adjust to load. These two options will respect the C<$StandaloneMinServers
-> and C<$StandaloneMaxServers options>.
+RT will automatically set its B date when you change a
+ticket's status from an B state to an B or
+B status.
 
-=cut
+=item active
 
-Set($StandaloneMinSpareServers, 0);
-Set($StandaloneMaxSpareServers, 0);
+B tickets are "currently in play" - they're things that are
+being worked on and not yet complete.
 
-=item C<$StandaloneMaxRequests>
+=item inactive
 
-This sets the absolute maximum number of requests a single server will serve.
-Setting this would be useful if, for example, memory usage slowly crawls up
-every hit.
+B tickets are typically in their "final resting state".
 
-=cut
+While you're free to implement a workflow that ignores that
+description, typically once a ticket enters an inactive state, it will
+never again enter an active state.
 
-#Set($StandaloneMaxRequests, 50);
+RT will automatically set the B date when a ticket's status
+is changed from an B or B status to an B
+status.
 
-=item C<%NetServerOptions>
+B is still a special status and protected by the
+B right, unless you re-defined rights (read below). If
+you don't want to allow ticket deletion at any time simply don't
+include it in your lifecycle.
 
-C<%NetServerOptions> is a hash of additional options to use for
-L. For example, you could set
-reverse_lookups to get the hostnames for all users with:
+=back
 
-C 1));>
+Statuses in each set are ordered and listed in the UI in the defined
+order.
 
-=cut
+Changes between statuses are constrained by transition rules, as
+described below.
 
-Set(%NetServerOptions, ());
+=head2 Default values
 
-=back
+In some cases a default value is used to display in UI or in API when
+value is not provided. You can configure defaults using the following
+syntax:
 
+    default => {
+        ...
+        defaults => {
+            on_create => 'new',
+            on_resolve => 'resolved',
+            ...
+        },
+    },
 
-=head1 UTF-8 Configuration
+The following defaults are used.
 
 =over 4
 
-=item C<@LexiconLanguages>
-
-An array that contains languages supported by RT's internationalization
-interface.  Defaults to all *.po lexicons; setting it to C will make
-RT bilingual instead of multilingual, but will save some memory.
+=item on_create
 
-=cut
+If you (or your code) doesn't specify a status when creating a ticket,
+RT will use the this status. See also L.
 
-Set(@LexiconLanguages, qw(*));
+=item on_merge
 
-=item C<@EmailInputEncodings>
+When tickets are merged, the status of the ticket that was merged
+away is forced to this value.  It should be one of inactive statuses;
+'resolved' or its equivalent is most probably the best candidate.
 
-An array that contains default encodings used to guess which charset
-an attachment uses if not specified.  Must be recognized by
-L.
+=item approved
 
-=cut
+When an approval is accepted, the status of depending tickets will
+be changed to this value.
 
-Set(@EmailInputEncodings, qw(utf-8 iso-8859-1 us-ascii));
+=item denied
 
-=item C<$EmailOutputEncoding>
+When an approval is denied, the status of depending tickets will
+be changed to this value.
 
-The charset for localized email.  Must be recognized by Encode.
+=item reminder_on_open
 
-=cut
+When a reminder is opened, the status will be changed to this value.
 
-Set($EmailOutputEncoding, 'utf-8');
+=item reminder_on_resolve
 
+When a reminder is resolved, the status will be changed to this value.
 
 =back
 
-=head1 Date Handling Configuration
-
-=over 4
+=head2 Transitions between statuses and UI actions
+
+A B is a change of status from A to B. You should define
+all possible transitions in each lifecycle using the following format:
+
+    default => {
+        ...
+        transitions => {
+            ''       => [qw(new open resolved)],
+            new      => [qw(open resolved rejected deleted)],
+            open     => [qw(stalled resolved rejected deleted)],
+            stalled  => [qw(open)],
+            resolved => [qw(open)],
+            rejected => [qw(open)],
+            deleted  => [qw(open)],
+        },
+        ...
+    },
+
+=head3 Statuses available during ticket creation
+
+By default users can create tickets with a status of new,
+open, or resolved, but cannot create tickets with a status of
+rejected, stalled, or deleted. If you want to change the statuses
+available during creation, update the transition from '' (empty
+string), like in the example above.
+
+=head3 Protecting status changes with rights
+
+A transition or group of transitions can be protected by a specific
+right.  Additionally, you can name new right names, which will be added
+to the system to control that transition.  For example, if you wished to
+create a lesser right than ModifyTicket for rejecting tickets, you could
+write:
+
+    default => {
+        ...
+        rights => {
+            '* -> deleted'  => 'DeleteTicket',
+            '* -> rejected' => 'RejectTicket',
+            '* -> *'        => 'ModifyTicket',
+        },
+        ...
+    },
+
+This would create a new C right in the system which you
+could assign to whatever groups you choose.
+
+On the left hand side you can have the following variants:
+
+    ' -> '
+    '* -> '
+    ' -> *'
+    '* -> *'
+
+Valid transitions are listed in order of priority. If a user attempts
+to change a ticket's status from B to B then the lifecycle
+is checked for presence of an exact match, then for 'any to B',
+'B to any' and finally 'any to any'.
+
+If you don't define any rights, or there is no match for a transition,
+RT will use the B or B as appropriate.
+
+=head3 Labeling and defining actions
+
+For each transition you can define an action that will be shown in the
+UI; each action annotated with a label and an update type.
+
+Each action may provide a default update type, which can be
+B, B, or absent. For example, you may want your
+staff to write a reply to the end user when they change status from
+B to B, and thus set the update to B.  Neither
+B nor B are mandatory, and user may leave the
+message empty, regardless of the update type.
+
+This configuration can be used to accomplish what
+$ResolveDefaultUpdateType was used for in RT 3.8.
+
+Use the following format to define labels and actions of transitions:
+
+    default => {
+        ...
+        actions => [
+            'new -> open'     => { label => 'Open it', update => 'Respond' },
+            'new -> resolved' => { label => 'Resolve', update => 'Comment' },
+            'new -> rejected' => { label => 'Reject',  update => 'Respond' },
+            'new -> deleted'  => { label => 'Delete' },
+
+            'open -> stalled'  => { label => 'Stall',   update => 'Comment' },
+            'open -> resolved' => { label => 'Resolve', update => 'Comment' },
+            'open -> rejected' => { label => 'Reject',  update => 'Respond' },
+
+            'stalled -> open'  => { label => 'Open it' },
+            'resolved -> open' => { label => 'Re-open', update => 'Comment' },
+            'rejected -> open' => { label => 'Re-open', update => 'Comment' },
+            'deleted -> open'  => { label => 'Undelete' },
+        ],
+        ...
+    },
+
+In addition, you may define multiple actions for the same transition.
+Alternately, you may use '* -> x' to match more than one transition.
+For example:
+
+    default => {
+        ...
+        actions => [
+            ...
+            'new -> rejected' => { label => 'Reject', update => 'Respond' },
+            'new -> rejected' => { label => 'Quick Reject' },
+            ...
+            '* -> deleted' => { label => 'Delete' },
+            ...
+        ],
+        ...
+    },
+
+=head2 Moving tickets between queues with different lifecycles
+
+Unless there is an explicit mapping between statuses in two different
+lifecycles, you can not move tickets between queues with these
+lifecycles.  This is true even if the different lifecycles use the exact
+same set of statuses.  Such a mapping is defined as follows:
+
+    __maps__ => {
+        'from lifecycle -> to lifecycle' => {
+            'status in left lifecycle' => 'status in right lifecycle',
+            ...
+        },
+        ...
+    },
+
+=cut
+
+Set(%Lifecycles,
+    default => {
+        initial         => [ 'new' ],
+        active          => [ 'open', 'stalled' ],
+        inactive        => [ 'resolved', 'rejected', 'deleted' ],
+
+        defaults => {
+            on_create => 'new',
+            on_merge  => 'resolved',
+            approved  => 'open',
+            denied    => 'rejected',
+            reminder_on_open     => 'open',
+            reminder_on_resolve  => 'resolved',
+        },
+
+        transitions => {
+            ''       => [qw(new open resolved)],
+
+            # from   => [ to list ],
+            new      => [qw(open stalled resolved rejected deleted)],
+            open     => [qw(new stalled resolved rejected deleted)],
+            stalled  => [qw(new open rejected resolved deleted)],
+            resolved => [qw(new open stalled rejected deleted)],
+            rejected => [qw(new open stalled resolved deleted)],
+            deleted  => [qw(new open stalled rejected resolved)],
+        },
+        rights => {
+            '* -> deleted'  => 'DeleteTicket',
+            '* -> *'        => 'ModifyTicket',
+        },
+        actions => [
+            'new -> open'      => {
+                label  => 'Open It', # loc
+                update => 'Respond',
+            },
+            'new -> resolved'  => {
+                label  => 'Resolve', # loc
+                update => 'Comment',
+            },
+            'new -> rejected'  => {
+                label  => 'Reject', # loc
+                update => 'Respond',
+            },
+            'new -> deleted'   => {
+                label  => 'Delete', # loc
+            },
+
+            'open -> stalled'  => {
+                label  => 'Stall', # loc
+                update => 'Comment',
+            },
+            'open -> resolved' => {
+                label  => 'Resolve', # loc
+                update => 'Comment',
+            },
+            'open -> rejected' => {
+                label  => 'Reject', # loc
+                update => 'Respond',
+            },
+
+            'stalled -> open'  => {
+                label  => 'Open It', # loc
+            },
+            'resolved -> open' => {
+                label  => 'Re-open', # loc
+                update => 'Comment',
+            },
+            'rejected -> open' => {
+                label  => 'Re-open', # loc
+                update => 'Comment',
+            },
+            'deleted -> open'  => {
+                label  => 'Undelete', # loc
+            },
+        ],
+    },
+# don't change lifecyle of the approvals, they are not capable to deal with
+# custom statuses
+    approvals => {
+        initial         => [ 'new' ],
+        active          => [ 'open', 'stalled' ],
+        inactive        => [ 'resolved', 'rejected', 'deleted' ],
+
+        defaults => {
+            on_create => 'new',
+            on_merge => 'resolved',
+            reminder_on_open     => 'open',
+            reminder_on_resolve  => 'resolved',
+        },
+
+        transitions => {
+            ''       => [qw(new open resolved)],
+
+            # from   => [ to list ],
+            new      => [qw(open stalled resolved rejected deleted)],
+            open     => [qw(new stalled resolved rejected deleted)],
+            stalled  => [qw(new open rejected resolved deleted)],
+            resolved => [qw(new open stalled rejected deleted)],
+            rejected => [qw(new open stalled resolved deleted)],
+            deleted  => [qw(new open stalled rejected resolved)],
+        },
+        rights => {
+            '* -> deleted'  => 'DeleteTicket',
+            '* -> rejected' => 'ModifyTicket',
+            '* -> *'        => 'ModifyTicket',
+        },
+        actions => [
+            'new -> open'      => {
+                label  => 'Open It', # loc
+                update => 'Respond',
+            },
+            'new -> resolved'  => {
+                label  => 'Resolve', # loc
+                update => 'Comment',
+            },
+            'new -> rejected'  => {
+                label  => 'Reject', # loc
+                update => 'Respond',
+            },
+            'new -> deleted'   => {
+                label  => 'Delete', # loc
+            },
+
+            'open -> stalled'  => {
+                label  => 'Stall', # loc
+                update => 'Comment',
+            },
+            'open -> resolved' => {
+                label  => 'Resolve', # loc
+                update => 'Comment',
+            },
+            'open -> rejected' => {
+                label  => 'Reject', # loc
+                update => 'Respond',
+            },
+
+            'stalled -> open'  => {
+                label  => 'Open It', # loc
+            },
+            'resolved -> open' => {
+                label  => 'Re-open', # loc
+                update => 'Comment',
+            },
+            'rejected -> open' => {
+                label  => 'Re-open', # loc
+                update => 'Comment',
+            },
+            'deleted -> open'  => {
+                label  => 'Undelete', # loc
+            },
+        ],
+    },
+);
 
-=item C<$DateTimeFormat>
 
-You can choose date and time format.  See "Output formatters"
-section in perldoc F for more options.  This option can
-be overridden by users in their preferences.
-Some examples:
 
-C
-C 'ISO', Seconds => 0 });>
-C
-C 'RFC2822', Seconds => 0, DayOfWeek => 0 });>
 
-=cut
 
-Set($DateTimeFormat, 'DefaultFormat');
+=head1 Administrative interface
 
-# Next two options are for Time::ParseDate
+=over 4
 
-=item C<$DateDayBeforeMonth>
+=item C<$ShowRTPortal>
 
-Set this to 1 if your local date convention looks like "dd/mm/yy" instead of
-"mm/dd/yy". Used only for parsing, not for displaying dates.
+RT can show administrators a feed of recent RT releases and other
+related announcements and information from Best Practical on the top
+level Configuration page.  This feature helps you stay up to date on
+RT security announcements and version updates.
 
-=cut
+RT provides this feature using an "iframe" on C
+which asks the administrator's browser to show an inline page from
+Best Practical's website.
 
-Set($DateDayBeforeMonth , 1);
+If you'd rather not make this feature available to your
+administrators, set C<$ShowRTPortal> to a false value.
 
-=item C<$AmbiguousDayInPast>, C<$AmbiguousDayInFuture>
+=cut
 
-Should an unspecified day or year in a date refer to a future or a
-past value? For example, should a date of "Tuesday" default to mean
-the date for next Tuesday or last Tuesday? Should the date "March 1"
-default to the date for next March or last March?
+Set($ShowRTPortal, 1);
 
-Set $ for the last date, or $<$AmbiguousDayInFuture> for the
-next date.
+=item C<%AdminSearchResultFormat>
 
-The default is usually good.
+In the admin interface, format strings similar to tickets result
+formats are used. Use C<%AdminSearchResultFormat> to define the format
+strings used in the admin interface on a per-RT-class basis.
 
 =cut
 
-Set($AmbiguousDayInPast, 0);
-Set($AmbiguousDayInFuture, 0);
+Set(%AdminSearchResultFormat,
+    Queues =>
+        q{'__id__/TITLE:#'}
+        .q{,'__Name__/TITLE:Name'}
+        .q{,__Description__,__Address__,__Priority__,__DefaultDueIn__,__Disabled__,__Lifecycle__},
 
-=back
+    Groups =>
+        q{'__id__/TITLE:#'}
+        .q{,'__Name__/TITLE:Name'}
+        .q{,'__Description__'},
 
-=head1 Approval Configuration
+    Users =>
+        q{'__id__/TITLE:#'}
+        .q{,'__Name__/TITLE:Name'}
+        .q{,__RealName__, __EmailAddress__},
 
-Configration for the approvl system
+    CustomFields =>
+        q{'__id__/TITLE:#'}
+        .q{,'__Name__/TITLE:Name'}
+        .q{,__AppliedTo__, __FriendlyType__, __FriendlyPattern__},
 
-=over 4
+    Scrips =>
+        q{'__id__/TITLE:#'}
+        .q{,'__Description__/TITLE:Description'}
+        .q{,__Stage__, __Condition__, __Action__, __Template__},
 
-=item C<$ApprovalRejectionNotes>
+    GlobalScrips =>
+        q{'__id__/TITLE:#'}
+        .q{,'__Description__/TITLE:Description'}
+        .q{,__Stage__, __Condition__, __Action__, __Template__},
 
-Should rejection notes be sent to the requestors?  The default is true.
+    Templates =>
+        q{'__id__/TITLE:#'}
+        .q{,'__Name__/TITLE:Name'}
+        .q{,'__Description__'},
+    Classes =>
+        q{ '__id__/TITLE:#'}
+        .q{,'__Name__/TITLE:Name'}
+        .q{,__Description__},
+);
 
-=cut
+=back
 
-Set($ApprovalRejectionNotes, 1);
 
 
-=back
 
-=head1 Miscellaneous Configuration
+=head1 Development options
 
 =over 4
 
-=item C<@ActiveStatus>, C<@InactiveStatus>
+=item C<$DevelMode>
 
-You can define new statuses and even reorder existing statuses here.
-WARNING. DO NOT DELETE ANY OF THE DEFAULT STATUSES. If you do, RT
-will break horribly. The statuses you add must be no longer than
-10 characters.
+RT comes with a "Development mode" setting.  This setting, as a
+convenience for developers, turns on several of development options
+that you most likely don't want in production:
 
-=cut
+=over 4
 
-Set(@ActiveStatus, qw(new open stalled));
-Set(@InactiveStatus, qw(resolved rejected deleted));
+=item *
 
-=item C<$LinkTransactionsRun1Scrip>
+Disables CSS and JS minification and concatenation.  Both CSS and JS
+will be instead be served as a number of individual smaller files,
+unchanged from how they are stored on disk.
 
-RT-3.4 backward compatibility setting. Add/Delete Link used to record one
-transaction and run one scrip. Set this value to 1 if you want
-only one of the link transactions to have scrips run.
+=item *
 
-=cut
+Uses L to reload changed Perl modules on each
+request.
 
-Set($LinkTransactionsRun1Scrip, 0);
+=item *
 
-=item C<$StrictLinkACL>
+Turns off Mason's C directive; this causes Mason to
+reload template files which have been modified on disk.
 
-When this feature is enabled a user needs I rights on both
-tickets to link them together, otherwise he can have rights on either of
-them.
+=item *
 
-=cut
+Turns on Mason's HTML C; this renders compilation errors
+to the browser, along with a full stack trace.  It is possible for
+stack traces to reveal sensitive information such as passwords or
+ticket content.
 
-Set($StrictLinkACL, 1);
+=item *
 
-=item C<$PreviewScripMessages>
+Turns off caching of callbacks; this enables additional callbacks to
+be added while the server is running.
 
-Set C<$PreviewScripMessages> to 1 if the scrips preview on the ticket
-reply page should include the content of the messages to be sent.
+=back
 
 =cut
 
-Set($PreviewScripMessages, 0);
-
-=item C<$UseTransactionBatch>
-
-Set C<$UseTransactionBatch> to 1 to execute transactions in batches,
-such that a resolve and comment (for example) would happen
-simultaneously, instead of as two transactions, unaware of each
-others' existence.
+Set($DevelMode, "@RT_DEVEL_MODE@");
 
-=cut
 
-Set($UseTransactionBatch, 1);
+=item C<$RecordBaseClass>
 
-=item C<@CustomFieldValuesSources>
+What abstract base class should RT use for its records. You should
+probably never change this.
 
-Set C<@CustomFieldValuesSources> to a list of class names which extend
-L.  This can be used to pull lists of
-custom field values from external sources at runtime.
+Valid values are C or
+C
 
 =cut
 
-Set(@CustomFieldValuesSources, ());
+Set($RecordBaseClass, "DBIx::SearchBuilder::Record::Cachable");
 
-=item C<$CanonicalizeRedirectURLs>
-
-Set C<$CanonicalizeRedirectURLs> to 1 to use $C when redirecting rather
-than the one we get from C<%ENV>.
-
-If you use RT behind a reverse proxy, you almost certainly want to
-enable this option.
 
-=cut
+=item C<@MasonParameters>
 
-Set($CanonicalizeRedirectURLs, 0);
-=item C<$EnableReminders>
+C<@MasonParameters> is the list of parameters for the constructor of
+HTML::Mason's Apache or CGI Handler.  This is normally only useful for
+debugging, e.g. profiling individual components with:
 
-Hide links/portlets related to Reminders by setting this to 0
+    use MasonX::Profiler; # available on CPAN
+    Set(@MasonParameters, (preamble => 'my $p = MasonX::Profiler->new($m, $r);'));
 
 =cut
 
-Set($EnableReminders,1);
-
+Set(@MasonParameters, ());
 
-=item C<@Plugins>
+=item C<$StatementLog>
 
-Set C<@Plugins> to a list of external RT plugins that should be enabled (those
-plugins have to be previously downloaded and installed).
-Example:
+RT has rudimentary SQL statement logging support; simply set
+C<$StatementLog> to be the level that you wish SQL statements to be
+logged at.
 
-C
+Enabling this option will also expose the SQL Queries page in the
+Configuration -> Tools menu for SuperUsers.
 
 =cut
 
-Set(@Plugins, ());
+Set($StatementLog, undef);
 
 =back
 
-=head1 Development Configuration
-
-=over 4
-
-=item C<$DevelMode>
-
-RT comes with a "Development mode" setting. 
-This setting, as a convenience for developers, turns on 
-all sorts of development options that you most likely don't want in 
-production:
-
-* Turns off Mason's 'static_source' directive. By default, you can't 
-  edit RT's web ui components on the fly and have RT magically pick up
-  your changes. (It's a big performance hit)
-
- * More to come
 
-=cut
-
-Set($DevelMode, '@RT_DEVEL_MODE@');
 
 
-=back
-
-=head1 Deprecated Options
+=head1 Deprecated options
 
 =over 4
 
-=item C<$AlwaysUseBase64>
+=item C<$LinkTransactionsRun1Scrip>
 
-Encode blobs as base64 in DB (?)
+RT-3.4 backward compatibility setting. Add/Delete Link used to record
+one transaction and run one scrip. Set this value to 1 if you want
+only one of the link transactions to have scrips run.
 
-=item C<$TicketBaseURI>
+=cut
 
-Base URI to tickets in this system; used when loading (?)
+Set($LinkTransactionsRun1Scrip, 0);
 
-=item C<$UseCodeTickets>
+=item C<$ResolveDefaultUpdateType>
 
-This option is exists for backwards compatibility.  Don't use it.
+This option has been deprecated.  You can configure this site-wide
+with L (see L).
 
 =back