release: 1.10.2

1 char small typo in the English text

.gitignore

@@ -44,6 +44,7 @@ yarn-error.log*
 /docs/build/
 /docs/.docusaurus
 /docs/.cache-loader
+/config.yaml
 
 # Jetbrains specific (webstorm)
 .idea/**/**

CHANGELOG.md

@@ -1,3 +1,40 @@
+## [1.10.2](https://github.com/stonith404/pingvin-share/compare/v1.10.1...v1.10.2) (2025-03-07)
+
+
+### Bug Fixes
+
+* don't throw error if group claim is missing ([e7b3c48](https://github.com/stonith404/pingvin-share/commit/e7b3c48ff48bd7cfb206c32ea97862b757057573))
+
+## [1.10.1](https://github.com/stonith404/pingvin-share/compare/v1.10.0...v1.10.1) (2025-02-28)
+
+
+### Bug Fixes
+
+* admin property can't be set if OAuth2 user email doesn't match actual user's email ([1159d97](https://github.com/stonith404/pingvin-share/commit/1159d972a8c32a0d6bf53d161c2fc09e6f8dfb28))
+* type error when trying to run the seed command ([b6d1720](https://github.com/stonith404/pingvin-share/commit/b6d1720fe637497ad624c6cdc40058b1b0f0c74c))
+
+## [1.10.0](https://github.com/stonith404/pingvin-share/compare/v1.9.1...v1.10.0) (2025-02-28)
+
+
+### Features
+
+* add ability to configure application with a config file ([#740](https://github.com/stonith404/pingvin-share/issues/740)) ([9dfb52a](https://github.com/stonith404/pingvin-share/commit/9dfb52a14587065dacd9fcd2bb2efa1b458880a5))
+
+
+### Bug Fixes
+
+* confusing config configuration description for session duration ([28fdbc2](https://github.com/stonith404/pingvin-share/commit/28fdbc22814260040c78e27a62d86b84df83751f))
+* page crash if new release check fails ([e848675](https://github.com/stonith404/pingvin-share/commit/e848675d634a08efe3aac4e02d98136c36b36bfc))
+* smtp password gets autofilled in Firefox ([f429142](https://github.com/stonith404/pingvin-share/commit/f4291421b5531b0eeae5bcca9139f80c3cd43b4b))
+
+## [1.9.1](https://github.com/stonith404/pingvin-share/compare/v1.9.0...v1.9.1) (2025-02-14)
+
+
+### Bug Fixes
+
+* page doesn't reload on user deletion ([a2e0313](https://github.com/stonith404/pingvin-share/commit/a2e031326e51f7663c2d864dd0d08a65f180318e))
+* redirection to the OIDC end session endpoint ([ec92e85](https://github.com/stonith404/pingvin-share/commit/ec92e85c8d294b30117ad2599ad03b0bbb04574c))
+
 ## [1.9.0](https://github.com/stonith404/pingvin-share/compare/v1.8.2...v1.9.0) (2025-02-12)
 
 

Dockerfile

@@ -50,11 +50,12 @@ COPY --from=backend-builder /opt/app/node_modules ./node_modules
 COPY --from=backend-builder /opt/app/dist ./dist
 COPY --from=backend-builder /opt/app/prisma ./prisma
 COPY --from=backend-builder /opt/app/package.json ./
+COPY --from=backend-builder /opt/app/tsconfig.json ./
 
 WORKDIR /opt/app
 
 COPY ./reverse-proxy  /opt/app/reverse-proxy
-COPY ./scripts ./scripts
+COPY ./scripts/docker ./scripts/docker
 
 EXPOSE 3000
 

README.md

@@ -16,6 +16,7 @@ Pingvin Share is a self-hosted file sharing platform and an alternative for WeTr
 - Reverse shares
 - OIDC and LDAP authentication
 - Integration with ClamAV for security scans
+- Different file providers: local storage and S3
 
 ## 🐧 Get to know Pingvin Share
 

backend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pingvin-share-backend",
-  "version": "1.9.0",
+  "version": "1.10.2",
   "scripts": {
     "build": "nest build",
     "dev": "cross-env NODE_ENV=development nest start --watch",
@@ -13,7 +13,7 @@
     "seed": "ts-node prisma/seed/config.seed.ts"
   },
   "dependencies": {
-    "@aws-sdk/client-s3": "^3.679.0",
+    "@aws-sdk/client-s3": "^3.758.0",
     "@nestjs/cache-manager": "^2.2.2",
     "@nestjs/common": "^10.4.3",
     "@nestjs/config": "^3.2.3",
@@ -24,7 +24,7 @@
     "@nestjs/schedule": "^4.1.1",
     "@nestjs/swagger": "^7.4.2",
     "@nestjs/throttler": "^6.2.1",
-    "@prisma/client": "^5.19.1",
+    "@prisma/client": "^6.4.1",
     "@types/jmespath": "^0.15.2",
     "archiver": "^7.0.1",
     "argon2": "^0.41.1",
@@ -50,7 +50,8 @@
     "rimraf": "^6.0.1",
     "rxjs": "^7.8.1",
     "sharp": "^0.33.5",
-    "ts-node": "^10.9.2"
+    "ts-node": "^10.9.2",
+    "yaml": "^2.7.0"
   },
   "devDependencies": {
     "@nestjs/cli": "^10.4.5",
@@ -78,7 +79,7 @@
     "eslint-plugin-prettier": "^5.2.1",
     "newman": "^6.2.1",
     "prettier": "^3.3.3",
-    "prisma": "^5.19.1",
+    "prisma": "^6.4.1",
     "source-map-support": "^0.5.21",
     "ts-loader": "^9.5.1",
     "tsconfig-paths": "4.2.0",

backend/prisma/seed/config.seed.ts

@@ -1,7 +1,7 @@
 import { Prisma, PrismaClient } from "@prisma/client";
 import * as crypto from "crypto";
 
-const configVariables: ConfigVariables = {
+export const configVariables = {
   internal: {
     jwtSecret: {
       type: "string",
@@ -181,12 +181,12 @@ const configVariables: ConfigVariables = {
     },
     searchQuery: {
       type: "string",
-      defaultValue: ""
+      defaultValue: "",
     },
 
     adminGroups: {
       type: "string",
-      defaultValue: ""
+      defaultValue: "",
     },
 
     fieldNameMemberOf: {
@@ -196,18 +196,18 @@ const configVariables: ConfigVariables = {
     fieldNameEmail: {
       type: "string",
       defaultValue: "userPrincipalName",
-    }
+    },
   },
   oauth: {
-    "allowRegistration": {
+    allowRegistration: {
       type: "boolean",
       defaultValue: "true",
     },
-    "ignoreTotp": {
+    ignoreTotp: {
       type: "boolean",
       defaultValue: "true",
     },
-    "disablePassword": {
+    disablePassword: {
       type: "boolean",
       defaultValue: "false",
       secret: false,
@@ -376,7 +376,22 @@ const configVariables: ConfigVariables = {
       defaultValue: "",
       secret: false,
     },
-  }
+  },
+} satisfies ConfigVariables;
+
+export type YamlConfig = {
+  [Category in keyof typeof configVariables]: {
+    [Key in keyof (typeof configVariables)[Category]]: string;
+  };
+} & {
+  initUser: {
+    enabled: string;
+    username: string;
+    email: string;
+    password: string;
+    isAdmin: boolean;
+    ldapDN: string;
+  };
 };
 
 type ConfigVariables = {
@@ -433,7 +448,7 @@ async function migrateConfigVariables() {
   for (const existingConfigVariable of existingConfigVariables) {
     const configVariable =
       configVariables[existingConfigVariable.category]?.[
-      existingConfigVariable.name
+        existingConfigVariable.name
       ];
 
     // Delete the config variable if it doesn't exist in the seed

backend/src/auth/auth.service.ts

@@ -269,10 +269,7 @@ export class AuthService {
           signOutFromProviderSupportedAndActivated
         ) {
           const configuration = await provider.getConfiguration();
-          if (
-            configuration.frontchannel_logout_supported &&
-            URL.canParse(configuration.end_session_endpoint)
-          ) {
+          if (URL.canParse(configuration.end_session_endpoint)) {
             const redirectURI = new URL(configuration.end_session_endpoint);
             redirectURI.searchParams.append(
               "post_logout_redirect_uri",

backend/src/config/config.service.ts

@@ -2,12 +2,17 @@ import {
   BadRequestException,
   Inject,
   Injectable,
+  Logger,
   NotFoundException,
 } from "@nestjs/common";
 import { Config } from "@prisma/client";
+import * as argon from "argon2";
 import { EventEmitter } from "events";
+import * as fs from "fs";
 import { PrismaService } from "src/prisma/prisma.service";
 import { stringToTimespan } from "src/utils/date.util";
+import { parse as yamlParse } from "yaml";
+import { YamlConfig } from "../../prisma/seed/config.seed";
 
 /**
  * ConfigService extends EventEmitter to allow listening for config updates,
@@ -15,6 +20,9 @@ import { stringToTimespan } from "src/utils/date.util";
  */
 @Injectable()
 export class ConfigService extends EventEmitter {
+  yamlConfig?: YamlConfig;
+  logger = new Logger(ConfigService.name);
+
   constructor(
     @Inject("CONFIG_VARIABLES") private configVariables: Config[],
     private prisma: PrismaService,
@@ -22,6 +30,65 @@ export class ConfigService extends EventEmitter {
     super();
   }
 
+  async onModuleInit() {
+    await this.loadYamlConfig();
+
+    if (this.yamlConfig) {
+      await this.migrateInitUser();
+    }
+  }
+
+  private async loadYamlConfig() {
+    let configFile: string = "";
+    try {
+      configFile = fs.readFileSync("../config.yaml", "utf8");
+    } catch (e) {
+      this.logger.log(
+        "Config.yaml is not set. Falling back to UI configuration.",
+      );
+    }
+    try {
+      this.yamlConfig = yamlParse(configFile);
+      if (this.yamlConfig) {
+        for (const configVariable of this.configVariables) {
+          const category = this.yamlConfig[configVariable.category];
+          if (!category) continue;
+
+          configVariable.value = category[configVariable.name];
+        }
+      }
+    } catch (e) {
+      this.logger.error(
+        "Failed to parse config.yaml. Falling back to UI configuration: ",
+        e,
+      );
+    }
+  }
+
+  private async migrateInitUser(): Promise<void> {
+    if (!this.yamlConfig.initUser.enabled) return;
+
+    const userCount = await this.prisma.user.count({
+      where: { isAdmin: true },
+    });
+    if (userCount === 1) {
+      this.logger.log(
+        "Skip initial user creation. Admin user is already existent.",
+      );
+      return;
+    }
+    await this.prisma.user.create({
+      data: {
+        email: this.yamlConfig.initUser.email,
+        username: this.yamlConfig.initUser.username,
+        password: this.yamlConfig.initUser.password
+          ? await argon.hash(this.yamlConfig.initUser.password)
+          : null,
+        isAdmin: this.yamlConfig.initUser.isAdmin,
+      },
+    });
+  }
+
   get(key: `${string}.${string}`): any {
     const configVariable = this.configVariables.filter(
       (variable) => `${variable.category}.${variable.name}` == key,
@@ -40,24 +107,22 @@ export class ConfigService extends EventEmitter {
   }
 
   async getByCategory(category: string) {
-    const configVariables = await this.prisma.config.findMany({
-      orderBy: { order: "asc" },
-      where: { category, locked: { equals: false } },
-    });
+    const configVariables = this.configVariables
+      .filter((c) => !c.locked && category == c.category)
+      .sort((c) => c.order);
 
     return configVariables.map((variable) => {
       return {
         ...variable,
         key: `${variable.category}.${variable.name}`,
         value: variable.value ?? variable.defaultValue,
+        allowEdit: this.isEditAllowed(),
       };
     });
   }
 
   async list() {
-    const configVariables = await this.prisma.config.findMany({
-      where: { secret: { equals: false } },
-    });
+    const configVariables = this.configVariables.filter((c) => !c.secret);
 
     return configVariables.map((variable) => {
       return {
@@ -69,6 +134,11 @@ export class ConfigService extends EventEmitter {
   }
 
   async updateMany(data: { key: string; value: string | number | boolean }[]) {
+    if (!this.isEditAllowed())
+      throw new BadRequestException(
+        "You are only allowed to update config variables via the config.yaml file",
+      );
+
     const response: Config[] = [];
 
     for (const variable of data) {
@@ -79,6 +149,11 @@ export class ConfigService extends EventEmitter {
   }
 
   async update(key: string, value: string | number | boolean) {
+    if (!this.isEditAllowed())
+      throw new BadRequestException(
+        "You are only allowed to update config variables via the config.yaml file",
+      );
+
     const configVariable = await this.prisma.config.findUnique({
       where: {
         name_category: {
@@ -143,4 +218,8 @@ export class ConfigService extends EventEmitter {
       throw new BadRequestException(validation.message);
     }
   }
+
+  isEditAllowed(): boolean {
+    return this.yamlConfig === undefined || this.yamlConfig === null;
+  }
 }

backend/src/config/dto/adminConfig.dto.ts

@@ -17,6 +17,9 @@ export class AdminConfigDTO extends ConfigDTO {
   @Expose()
   obscured: boolean;
 
+  @Expose()
+  allowEdit: boolean;
+
   from(partial: Partial<AdminConfigDTO>) {
     return plainToClass(AdminConfigDTO, partial, {
       excludeExtraneousValues: true,

backend/src/oauth/oauth.service.ts

@@ -63,7 +63,7 @@ export class OAuthService {
       },
     });
     if (oauthUser) {
-      await this.updateIsAdmin(user);
+      await this.updateIsAdmin(oauthUser.userId, user.isAdmin);
       const updatedUser = await this.prisma.user.findFirst({
         where: {
           id: oauthUser.userId,
@@ -170,7 +170,7 @@ export class OAuthService {
           userId: existingUser.id,
         },
       });
-      await this.updateIsAdmin(user);
+      await this.updateIsAdmin(existingUser.id, user.isAdmin);
       return this.auth.generateToken(existingUser, { idToken: user.idToken });
     }
 
@@ -196,15 +196,14 @@ export class OAuthService {
     return result;
   }
 
-  private async updateIsAdmin(user: OAuthSignInDto) {
-    if ("isAdmin" in user)
-      await this.prisma.user.update({
-        where: {
-          email: user.email,
-        },
-        data: {
-          isAdmin: user.isAdmin,
-        },
-      });
+  private async updateIsAdmin(userId: string, isAdmin?: boolean) {
+    await this.prisma.user.update({
+      where: {
+        id: userId,
+      },
+      data: {
+        isAdmin: isAdmin === true,
+      },
+    });
   }
 }

backend/src/oauth/provider/genericOidc.provider.ts

@@ -147,38 +147,33 @@ export abstract class GenericOidcProvider implements OAuthProvider<OidcToken> {
 
     if (roleConfig?.path) {
       // A path to read roles from the token is configured
-      let roles: string[] | null;
+      let roles: string[] = [];
       try {
         roles = jmespath.search(idTokenData, roleConfig.path);
       } catch (e) {
-        roles = null;
-      }
-      if (Array.isArray(roles)) {
-        // Roles are found in the token
-        if (
-          roleConfig.generalAccess &&
-          !roles.includes(roleConfig.generalAccess)
-        ) {
-          // Role for general access is configured and the user does not have it
-          this.logger.error(
-            `User roles ${roles} do not include ${roleConfig.generalAccess}`,
-          );
-          throw new ErrorPageException("user_not_allowed");
-        }
-        if (roleConfig.adminAccess) {
-          // Role for admin access is configured
-          isAdmin = roles.includes(roleConfig.adminAccess);
-        }
-      } else {
-        this.logger.error(
+        this.logger.warn(
           `Roles not found at path ${roleConfig.path} in ID Token ${JSON.stringify(
             idTokenData,
             undefined,
             2,
           )}`,
         );
+      }
+
+      if (
+        roleConfig.generalAccess &&
+        !roles.includes(roleConfig.generalAccess)
+      ) {
+        // Role for general access is configured and the user does not have it
+        this.logger.error(
+          `User roles ${roles} do not include ${roleConfig.generalAccess}`,
+        );
         throw new ErrorPageException("user_not_allowed");
       }
+      if (roleConfig.adminAccess) {
+        // Role for admin access is configured
+        isAdmin = roles.includes(roleConfig.adminAccess);
+      }
     }
 
     if (!username) {

config.example.yaml

@@ -0,0 +1,226 @@
+#This configuration is pre-filled with the default values.
+#You can remove keys you don't want to set. If a key is missing, the value set in the UI will be used; if that is also unset, the default value applies.
+
+general:
+  #Name of the application
+  appName: Pingvin Share
+  #On which URL Pingvin Share is available
+  appUrl: http://localhost:3000
+  #Whether to set the secure flag on cookies. If enabled, the site will not function when accessed over HTTP.
+  secureCookies: "false"
+  #Whether to show the home page
+  showHomePage: "true"
+  #Time in hours after which a user must log in again (default: 3 months).
+  sessionDuration: 3 months
+share:
+  #Whether registration is allowed
+  allowRegistration: "true"
+  #Whether unauthenticated users can create shares
+  allowUnauthenticatedShares: "false"
+  #Maximum share expiration. Set to 0 to allow unlimited expiration.
+  maxExpiration: 0 days
+  #Default length for the generated ID of a share. This value is also used to generate links for reverse shares. A value below 8 is not considered secure.
+  shareIdLength: "8"
+  #Maximum share size
+  maxSize: "1000000000"
+  #Adjust the level to balance between file size and compression speed. Valid values range from 0 to 9, with 0 being no compression and 9 being maximum compression. 
+  zipCompressionLevel: "9"
+  #Adjust the chunk size for your uploads to balance efficiency and reliability according to your internet connection. Smaller chunks can enhance success rates for unstable connections, while larger chunks make uploads faster for stable connections.
+  chunkSize: "10000000"
+  #The share creation modal automatically appears when a user selects files, eliminating the need to manually click the button.
+  autoOpenShareModal: "false"
+email:
+  #Whether to allow email sharing with recipients. Only enable this if SMTP is activated.
+  enableShareEmailRecipients: "false"
+  #Subject of the email which gets sent to the share recipients.
+  shareRecipientsSubject: Files shared with you
+  #Message which gets sent to the share recipients. Available variables:
+  # {creator} - The username of the creator of the share
+  # {creatorEmail} - The email of the creator of the share
+  # {shareUrl} - The URL of the share
+  # {desc} - The description of the share
+  # {expires} - The expiration date of the share
+  # These variables will be replaced with the actual value.
+  shareRecipientsMessage: >-
+    Hey!
+
+
+    {creator} ({creatorEmail}) shared some files with you, view or download the
+    files with this link: {shareUrl}
+
+
+    The share will expire {expires}.
+
+
+    Note: {desc}
+
+
+    Shared securely with Pingvin Share 🐧
+  #Subject of the sent email when someone created a share with your reverse share link.
+  reverseShareSubject: Reverse share link used
+  #Message which gets sent when someone created a share with your reverse share link. {shareUrl} will be replaced with the creator's name and the share URL.
+  reverseShareMessage: |-
+    Hey!
+
+    A share was just created with your reverse share link: {shareUrl}
+
+    Shared securely with Pingvin Share 🐧
+  #Subject of the sent email when a user requests a password reset.
+  resetPasswordSubject: Pingvin Share password reset
+  #Message which gets sent when a user requests a password reset. {url} will be replaced with the reset password URL.
+  resetPasswordMessage: >-
+    Hey!
+
+
+    You requested a password reset. Click this link to reset your password:
+    {url}
+
+    The link expires in a hour.
+
+
+    Pingvin Share 🐧
+  #Subject of the sent email when an admin invites a user.
+  inviteSubject: Pingvin Share invite
+  #Message which gets sent when an admin invites a user. {url} will be replaced with the invite URL, {email} with the email and {password} with the users password.
+  inviteMessage: >-
+    Hey!
+
+
+    You were invited to Pingvin Share. Click this link to accept the invite:
+    {url}
+
+
+    You can use the email "{email}" and the password "{password}" to sign in.
+
+
+    Pingvin Share 🐧
+smtp:
+  #Whether SMTP is enabled. Only set this to true if you entered the host, port, email, user and password of your SMTP server.
+  enabled: "false"
+  #Only set this to true if you need to trust self signed certificates.
+  allowUnauthorizedCertificates: "false"
+  #Host of the SMTP server
+  host: ""
+  #Port of the SMTP server
+  port: "0"
+  #Email address from wich the emails get sent
+  email: ""
+  #Username of the SMTP server
+  username: ""
+  #Password of the SMTP server
+  password: ""
+ldap:
+  #Use LDAP authentication for user login
+  enabled: "false"
+  #URL of the LDAP server
+  url: ""
+  #Default user used to perform the user search
+  bindDn: ""
+  #Password used to perform the user search
+  bindPassword: ""
+  #Base location, where the user search will be performed
+  searchBase: ""
+  #The user query will be used to search the 'User base' for the LDAP user. %username% can be used as the placeholder for the user given input.
+  searchQuery: ""
+  #Group required for administrative access.
+  adminGroups: ""
+  #LDAP attribute name for the groups, an user is a member of. This is used when checking for the admin group.
+  fieldNameMemberOf: memberOf
+  #LDAP attribute name for the email of an user.
+  fieldNameEmail: userPrincipalName
+oauth:
+  #Allow users to register via social login
+  allowRegistration: "true"
+  #Whether to ignore TOTP when user using social login
+  ignoreTotp: "true"
+  #Whether to disable password login
+  #Make sure that an OAuth provider is properly configured before activating this configuration to avoid being locked out.
+  disablePassword: "false"
+  #Whether GitHub login is enabled
+  github-enabled: "false"
+  #Client ID of the GitHub OAuth app
+  github-clientId: ""
+  #Client secret of the GitHub OAuth app
+  github-clientSecret: ""
+  #Whether Google login is enabled
+  google-enabled: "false"
+  #Client ID of the Google OAuth app
+  google-clientId: ""
+  #Client secret of the Google OAuth app
+  google-clientSecret: ""
+  #Whether Microsoft login is enabled
+  microsoft-enabled: "false"
+  #Tenant ID of the Microsoft OAuth app
+  #common: Users with both a personal Microsoft account and a work or school account from Microsoft Entra ID can sign in to the application. organizations: Only users with work or school accounts from Microsoft Entra ID can sign in to the application.
+  #consumers: Only users with a personal Microsoft account can sign in to the application.
+  #domain name of the Microsoft Entra tenant or the tenant ID in GUID format: Only users from a specific Microsoft Entra tenant (directory members with a work or school account or directory guests with a personal Microsoft account) can sign in to the application.
+  microsoft-tenant: common
+  #Client ID of the Microsoft OAuth app
+  microsoft-clientId: ""
+  #Client secret of the Microsoft OAuth app
+  microsoft-clientSecret: ""
+  #Whether Discord login is enabled
+  discord-enabled: "false"
+  #Limit signing in to users in a specific server. Leave it blank to disable.
+  discord-limitedGuild: ""
+  #Limit signing in to specific users by their Discord ID. Leave it blank to disable.
+  discord-limitedUsers: ""
+  #Client ID of the Discord OAuth app
+  discord-clientId: ""
+  #Client secret of the Discord OAuth app
+  discord-clientSecret: ""
+  #Whether OpenID Connect login is enabled
+  oidc-enabled: "false"
+  #Discovery URI of the OpenID Connect OAuth app
+  oidc-discoveryUri: ""
+  #Whether the “Sign out” button will sign out from the OpenID Connect provider
+  oidc-signOut: "false"
+  #Scopes which should be requested from the OpenID Connect provider.
+  oidc-scope: openid email profile
+  #Username claim in OpenID Connect ID token. Leave it blank if you don't know what this config is.
+  oidc-usernameClaim: ""
+  #Must be a valid JMES path referencing an array of roles. Managing access rights using OpenID Connect roles is only recommended if no other identity provider is configured and password login is disabled. Leave it blank if you don't know what this config is.
+  oidc-rolePath: ""
+  #Role required for general access. Must be present in a user’s roles for them to log in. Leave it blank if you don't know what this config is.
+  oidc-roleGeneralAccess: ""
+  #Role required for administrative access. Must be present in a user’s roles for them to access the admin panel. Leave it blank if you don't know what this config is.
+  oidc-roleAdminAccess: ""
+  #Client ID of the OpenID Connect OAuth app
+  oidc-clientId: ""
+  #Client secret of the OpenID Connect OAuth app
+  oidc-clientSecret: ""
+s3:
+  #Whether S3 should be used to store the shared files instead of the local file system.
+  enabled: "false"
+  #The URL of the S3 bucket.
+  endpoint: ""
+  #The region of the S3 bucket.
+  region: ""
+  #The name of the S3 bucket.
+  bucketName: ""
+  #The default path which should be used to store the files in the S3 bucket.
+  bucketPath: ""
+  #The key which allows you to access the S3 bucket.
+  key: ""
+  #The secret which allows you to access the S3 bucket.
+  secret: ""
+legal:
+  #Whether to show a link to imprint and privacy policy in the footer.
+  enabled: "false"
+  #The text which should be shown in the imprint. Supports Markdown. Leave blank to link to an external imprint page.
+  imprintText: ""
+  #If you already have an imprint page you can link it here instead of using the text field.
+  imprintUrl: ""
+  #The text which should be shown in the privacy policy. Supports Markdown. Leave blank to link to an external privacy policy page.
+  privacyPolicyText: ""
+  #If you already have a privacy policy page you can link it here instead of using the text field.
+  privacyPolicyUrl: ""
+#This configuration is used to create the initial user when the application is started for the first time.
+#Make sure to change at least the password as soon as you log in!
+initUser:
+  enabled: false
+  username: admin
+  email: admin@example.com
+  password: my-secure-password
+  isAdmin: true
+  ldapDN: ""

docker-compose.local.yml

@@ -0,0 +1,12 @@
+services:
+  pingvin-share:
+    build: .
+    restart: unless-stopped
+    ports:
+      - 3001:3000
+    environment:
+      - TRUST_PROXY=false
+    volumes:
+      - "./data:/opt/app/backend/data"
+      - "./data/images:/opt/app/frontend/public/img"
+#      - "./config.yaml:/opt/app/config.yaml"

docker-compose.yml

@@ -9,6 +9,7 @@ services:
     volumes:
       - "./data:/opt/app/backend/data"
       - "./data/images:/opt/app/frontend/public/img"
+  #      - "./config.yaml:/opt/app/config.yaml" # Add this line, if you want to configure pingvin-share via config file and not via UI
 
   # To add ClamAV, to scan your shares for malicious files, 
   # see https://stonith404.github.io/pingvin-share/setup/integrations/#clamav-docker-only

docs/docs/setup/configuration.md

@@ -4,27 +4,21 @@ id: configuration
 
 # Configuration
 
-You can customize Pingvin Share by going to the configuration page in your admin dashboard `/admin/config`.
+## General configuration
 
-## General
+There are plenty of settings you can adjust to your needs. Pingvin Share can be configured in two ways:
 
-The **General** Tab will let you customize your Pingvin Share instance to your liking.
+### UI
 
-### App name
+You can change the settings in the UI (`/admin/config`)
 
-To change the name of your instance, insert any text into `App name`.
+### YAML file
 
-### App URL
+You can set the configuration via a YAML file. If you choose this way, you won't be able to change the settings in the UI.
 
-To make your App available trough your own **domain**, insert your specific domain and also subdomain if needed. Add an `https://` if you have an SSL certificate installed. If this is not the case, use `http://`.
+If you use Docker you can create a `config.yml` file based on the [`config.example.yaml`](https://github.com/stonith404/pingvin-share/blob/main/config.yaml) and mount it to `/opt/app/config.yaml` in the container.
 
-### Show home page
-
-If you don't like the **home page** Pingvin Share provides and you just want the upload tab to be the main page, toggle this to `true`.
-
-### Logo
-
-Not only you can change your instances name, but also the logo it shows everywhere. To do that, upload an image as `png` with a 1:1 aspect ratio.
+If you run Pingvin Share without Docker, you can create a `config.yml` file based on the [`config.example.yaml`](https://github.com/stonith404/pingvin-share/blob/main/config.yaml) in the root directory of the project.
 
 ---
 
@@ -50,9 +44,10 @@ For installation specific configuration, you can use environment variables. The
 | `API_URL` | `http://localhost:8080` | The URL of the backend for the frontend. |
 
 #### Docker specific
+
 Environment variables that are only available when running Pingvin Share with Docker.
 
-| Variable      | Default Value | Description                                                                                                 |
-| ------------- | ------------- | ----------------------------------------------------------------------------------------------------------- |
-| `TRUST_PROXY` | `false`       | Whether Pingvin Share is behind a reverse proxy. If set to `true`, the `X-Forwarded-For` header is trusted. |
-| `PUID` and `PGID` | `1000`       |  The user and group ID of the user who should run Pingvin Share inside the Docker container and owns the files that are mounted with the volume. You can get the `PUID` and `GUID` of your user on your host machine by using the command `id`. For more information see [this article](https://docs.linuxserver.io/general/understanding-puid-and-pgid/#using-the-variables). |
+| Variable          | Default Value | Description                                                                                                                                                                                                                                                                                                                                                                   |
+| ----------------- | ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `TRUST_PROXY`     | `false`       | Whether Pingvin Share is behind a reverse proxy. If set to `true`, the `X-Forwarded-For` header is trusted.                                                                                                                                                                                                                                                                   |
+| `PUID` and `PGID` | `1000`        | The user and group ID of the user who should run Pingvin Share inside the Docker container and owns the files that are mounted with the volume. You can get the `PUID` and `GUID` of your user on your host machine by using the command `id`. For more information see [this article](https://docs.linuxserver.io/general/understanding-puid-and-pgid/#using-the-variables). |

frontend/package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "pingvin-share-frontend",
-  "version": "1.9.0",
+  "version": "1.10.2",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "pingvin-share-frontend",
-      "version": "1.9.0",
+      "version": "1.10.2",
       "dependencies": {
         "@emotion/react": "^11.13.3",
         "@emotion/server": "^11.11.0",

frontend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pingvin-share-frontend",
-  "version": "1.9.0",
+  "version": "1.10.2",
   "scripts": {
     "dev": "next dev",
     "build": "next build",

frontend/src/components/admin/configuration/AdminConfigInput.tsx

@@ -8,9 +8,9 @@ import {
 } from "@mantine/core";
 import { useForm } from "@mantine/form";
 import { AdminConfig, UpdateConfig } from "../../../types/config.type";
-import TimespanInput from "../../core/TimespanInput";
 import { stringToTimespan, timespanToString } from "../../../utils/date.util";
 import FileSizeInput from "../../core/FileSizeInput";
+import TimespanInput from "../../core/TimespanInput";
 
 const AdminConfigInput = ({
   configVariable,
@@ -41,9 +41,11 @@ const AdminConfigInput = ({
       {configVariable.type == "string" &&
         (configVariable.obscured ? (
           <PasswordInput
+            autoComplete="new-password"
             style={{
               width: "100%",
             }}
+            disabled={!configVariable.allowEdit}
             {...form.getInputProps("stringValue")}
             onChange={(e) => onValueChange(configVariable, e.target.value)}
           />
@@ -52,6 +54,7 @@ const AdminConfigInput = ({
             style={{
               width: "100%",
             }}
+            disabled={!configVariable.allowEdit}
             {...form.getInputProps("stringValue")}
             placeholder={configVariable.defaultValue}
             onChange={(e) => onValueChange(configVariable, e.target.value)}
@@ -63,6 +66,7 @@ const AdminConfigInput = ({
           style={{
             width: "100%",
           }}
+          disabled={!configVariable.allowEdit}
           autosize
           {...form.getInputProps("textValue")}
           placeholder={configVariable.defaultValue}
@@ -72,6 +76,7 @@ const AdminConfigInput = ({
       {configVariable.type == "number" && (
         <NumberInput
           {...form.getInputProps("numberValue")}
+          disabled={!configVariable.allowEdit}
           placeholder={configVariable.defaultValue}
           onChange={(number) => onValueChange(configVariable, number)}
           w={201}
@@ -80,6 +85,7 @@ const AdminConfigInput = ({
       {configVariable.type == "filesize" && (
         <FileSizeInput
           {...form.getInputProps("numberValue")}
+          disabled={!configVariable.allowEdit}
           value={parseInt(configVariable.value ?? configVariable.defaultValue)}
           onChange={(bytes) => onValueChange(configVariable, bytes)}
           w={201}
@@ -88,6 +94,7 @@ const AdminConfigInput = ({
       {configVariable.type == "boolean" && (
         <>
           <Switch
+            disabled={!configVariable.allowEdit}
             {...form.getInputProps("booleanValue", { type: "checkbox" })}
             onChange={(e) => onValueChange(configVariable, e.target.checked)}
           />
@@ -96,6 +103,7 @@ const AdminConfigInput = ({
       {configVariable.type == "timespan" && (
         <TimespanInput
           value={stringToTimespan(configVariable.value)}
+          disabled={!configVariable.allowEdit}
           onChange={(timespan) =>
             onValueChange(configVariable, timespanToString(timespan))
           }

frontend/src/i18n/translations/ar-EG.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "الإعدادات",
   "admin.config.category.general": "عام",
   "admin.config.category.share": "مشاركة",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "إظهار الصفحة الرئيسية",
   "admin.config.general.show-home-page.description": "تحديد ما إذا كان سيتم عرض الصفحة الرئيسية",
   "admin.config.general.session-duration": "مدة الجلسة",
-  "admin.config.general.session-duration.description": "الوقت بالساعات الذي يجب على المستخدم بعده إعادة تسجيل الدخول (الافتراضي: 3 أشهر).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "الشعار",
   "admin.config.general.logo.description": "يمكنك تغيير شعارك عن طريق تحميل صورة جديدة. يجب أن تكون الصورة PNG ويجب أن يكون تنسيقها 1:1.",
   "admin.config.general.logo.placeholder": "اختر صورة",

frontend/src/i18n/translations/cs-CZ.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Nastavení",
   "admin.config.category.general": "Obecné",
   "admin.config.category.share": "Sdílení",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Zobrazit domovskou stránku",
   "admin.config.general.show-home-page.description": "Zda zobrazovat domovskou stránku",
   "admin.config.general.session-duration": "Délka trvání relace",
-  "admin.config.general.session-duration.description": "Čas v hodinách, po kterém se uživatel musí znovu přihlásit (výchozí: 3 měsíce).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "Změňte své logo nahráním nového obrázku. Obrázek musí být PNG a měl by mít formát 1:1.",
   "admin.config.general.logo.placeholder": "Vybrat obrázek",

frontend/src/i18n/translations/da-DK.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Konfiguration",
   "admin.config.category.general": "Generelt",
   "admin.config.category.share": "Del",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Vis forside",
   "admin.config.general.show-home-page.description": "Om forsiden skal vises",
   "admin.config.general.session-duration": "Session Duration",
-  "admin.config.general.session-duration.description": "Time in hours after which a user must log in again (default: 3 months).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "Skift dit logo ved at uploade et nyt billede. Billedet skal være PNG og skal have formatet 1:1.",
   "admin.config.general.logo.placeholder": "Vælg billede",

frontend/src/i18n/translations/de-DE.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Datenschutzerklärung",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Konfigurationsdatei aktiv",
+  "admin.config.config-file-warning.description": "Da Pingvin Share mit einer Konfigurationsdatei konfiguriert ist, kann die Konfiguration nicht über die Benutzeroberfläche geändert werden.",
   "admin.config.title": "Einstellungen",
   "admin.config.category.general": "Allgemein",
   "admin.config.category.share": "Freigabe",

frontend/src/i18n/translations/el-GR.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Διαμόρφωση",
   "admin.config.category.general": "Γενικά",
   "admin.config.category.share": "Διαμοιρασμός",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Εμφάνιση αρχικής σελίδας",
   "admin.config.general.show-home-page.description": "Εάν θα εμφανίζεται η αρχική σελίδα",
   "admin.config.general.session-duration": "Διάρκεια συνεδρίας",
-  "admin.config.general.session-duration.description": "Χρόνος σε ώρες μετά την οποία ένας χρήστης πρέπει να συνδεθεί ξανά (προεπιλογή: 3 μήνες).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Λογότυπο",
   "admin.config.general.logo.description": "Αλλάξτε το λογότυπό σας ανεβάζοντας μια νέα εικόνα. Η εικόνα πρέπει να είναι PNG και αναλογία 1:1.",
   "admin.config.general.logo.placeholder": "Επιλέξτε εικόνα",

frontend/src/i18n/translations/en-US.ts

@@ -414,6 +414,9 @@ export default {
   // END /privacy
 
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
+
   "admin.config.title": "Configuration",
   "admin.config.category.general": "General",
   "admin.config.category.share": "Share",
@@ -434,7 +437,7 @@ export default {
     "Whether to show the home page",
   "admin.config.general.session-duration": "Session Duration",
   "admin.config.general.session-duration.description":
-    "Time in hours after which a user must log in again (default: 3 months).",
+    "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description":
     "Change your logo by uploading a new image. The image must be a PNG and should have the format 1:1.",
@@ -503,7 +506,7 @@ export default {
   "admin.config.smtp.port.description": "Port of the SMTP server",
   "admin.config.smtp.email": "Email",
   "admin.config.smtp.email.description":
-    "Email address from wich the emails get sent",
+    "Email address from which the emails get sent",
   "admin.config.smtp.username": "Username",
   "admin.config.smtp.username.description": "Username of the SMTP server",
   "admin.config.smtp.password": "Password",

frontend/src/i18n/translations/es-ES.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Política de privacidad",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Configuración",
   "admin.config.category.general": "General",
   "admin.config.category.share": "Compartido",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Mostrar página de inicio",
   "admin.config.general.show-home-page.description": "Mostrar o no la página de inicio",
   "admin.config.general.session-duration": "Duración de la sesión",
-  "admin.config.general.session-duration.description": "Tiempo en horas después del cual un usuario debe iniciar sesión de nuevo (por defecto: 3 meses).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "Cambia tu logo subiendo una nueva imagen. La imagen debe ser un PNG y debe estar en formato 1:1.",
   "admin.config.general.logo.placeholder": "Elegir imagen",

frontend/src/i18n/translations/fi-FI.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Asetukset",
   "admin.config.category.general": "Yleiset",
   "admin.config.category.share": "Jako",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Näytä kotisivu",
   "admin.config.general.show-home-page.description": "Näytetäänkö kotisivu vai ei",
   "admin.config.general.session-duration": "Session Duration",
-  "admin.config.general.session-duration.description": "Time in hours after which a user must log in again (default: 3 months).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "Muuta logoa lataamalla uusi kuva. Kuvan on oltava PNG ja sen on oltava formaatti 1:1.",
   "admin.config.general.logo.placeholder": "Valitse kuva",

frontend/src/i18n/translations/fr-FR.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Politique de confidentialité",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Paramètres",
   "admin.config.category.general": "Général",
   "admin.config.category.share": "Partage",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Afficher la page d’accueil",
   "admin.config.general.show-home-page.description": "Afficher ou non la page d’accueil",
   "admin.config.general.session-duration": "Durée de la session",
-  "admin.config.general.session-duration.description": "Nombre d’heures après lesquelles un utilisateur doit se reconnecter (par défaut : 3 mois).",
+  "admin.config.general.session-duration.description": "Temps après lequel un utilisateur doit se reconnecter (par défaut : 3 mois).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "Changez de logo en envoyant une nouvelle image. L’image doit être au format PNG et doit avoir un ratio 1:1.",
   "admin.config.general.logo.placeholder": "Sélectionner une image",

frontend/src/i18n/translations/hr-HR.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Konfiguracija",
   "admin.config.category.general": "Opće",
   "admin.config.category.share": "Dijeljenje",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Prikaži početnu stranicu",
   "admin.config.general.show-home-page.description": "Želite li prikazati početnu stranicu",
   "admin.config.general.session-duration": "Trajanje sesije",
-  "admin.config.general.session-duration.description": "Vrijeme u satima nakon kojeg se korisnik mora ponovno prijaviti (zadano: 3 mjeseca).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "Promijenite svoj logotip učitavanjem nove slike. Slika mora biti PNG i imati format 1:1.",
   "admin.config.general.logo.placeholder": "Odaberite sliku",

frontend/src/i18n/translations/hu-HU.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Konfiguráció",
   "admin.config.category.general": "Általános",
   "admin.config.category.share": "Megosztás",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Kezdőlap mutatása",
   "admin.config.general.show-home-page.description": "A kezdőlap mutatásának ki- és bekapcsolása",
   "admin.config.general.session-duration": "Munkamenet időtartama",
-  "admin.config.general.session-duration.description": "Annak az időtartamnak a megadása, amit követően a felhasználónak ismét be kell jelentkeznie (alapérték: 3 hónap).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logó",
   "admin.config.general.logo.description": "A logó személyessé tételéhez töltsön fel egy új képet. A formátum legyen PNG, az oldalarány 1:1.",
   "admin.config.general.logo.placeholder": "Kép kiválasztása",

frontend/src/i18n/translations/it-IT.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Informativa sulla privacy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Configurazione",
   "admin.config.category.general": "Generale",
   "admin.config.category.share": "Condivisioni",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Visualizza Home Page",
   "admin.config.general.show-home-page.description": "Indica se mostrare la home page",
   "admin.config.general.session-duration": "Durata della sessione",
-  "admin.config.general.session-duration.description": "Tempo in ore dopo il quale un utente deve accedere nuovamente (default: 3 mesi).",
+  "admin.config.general.session-duration.description": "Tempo dopo il quale un utente deve accedere di nuovo (default: tre mesi).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "Cambia il tuo logo caricando una nuova immagine. L'immagine deve essere un PNG e dovrebbe avere il formato 1:1.",
   "admin.config.general.logo.placeholder": "Scegli un'immagine",

frontend/src/i18n/translations/ja-JP.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "プライバシーポリシー",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "設定",
   "admin.config.category.general": "一般",
   "admin.config.category.share": "共有",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "ホームページを表示する",
   "admin.config.general.show-home-page.description": "ホームページを表示するかどうか選択",
   "admin.config.general.session-duration": "セッション期間",
-  "admin.config.general.session-duration.description": "ユーザーが再度ログインする必要がある時間（時間単位）（デフォルト: 3 か月）。",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "ロゴ",
   "admin.config.general.logo.description": "新しい画像をアップロードしてロゴを変更できます。画像は、PNG形式でアスペクト比が1:1である必要があります。",
   "admin.config.general.logo.placeholder": "画像を選択",

frontend/src/i18n/translations/ko-KR.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "구성",
   "admin.config.category.general": "일반",
   "admin.config.category.share": "공유",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "홈 페이지 표시",
   "admin.config.general.show-home-page.description": "홈 페이지를 표시할지 여부",
   "admin.config.general.session-duration": "세션 기간",
-  "admin.config.general.session-duration.description": "사용자가 다시 로그인해야 하는 시간 (기본값: 3개월)",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "로고",
   "admin.config.general.logo.description": "새 이미지를 업로드하여 로고를 변경하십시오. 이미지는 PNG여야 하며 1:1 비율이어야 합니다.",
   "admin.config.general.logo.placeholder": "이미지 선택",

frontend/src/i18n/translations/nl-BE.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Configuratie",
   "admin.config.category.general": "Algemeen",
   "admin.config.category.share": "Delen",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Toon startpagina",
   "admin.config.general.show-home-page.description": "Toon of verberg de home pagina",
   "admin.config.general.session-duration": "Sessieduur",
-  "admin.config.general.session-duration.description": "Tijd in uren waarna een gebruiker zich opnieuw moet aanmelden (standaard: 3 maanden).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "Verander uw logo door een nieuwe afbeelding te uploaden. De afbeelding moet PNG zijn en het formaat moet 1:1 hebben.",
   "admin.config.general.logo.placeholder": "Afbeelding kiezen",

frontend/src/i18n/translations/pl-PL.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Konfiguracja",
   "admin.config.category.general": "Ogólne",
   "admin.config.category.share": "Udostępnij",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Pokaż stronę główną",
   "admin.config.general.show-home-page.description": "Czy wyświetlać stronę główną",
   "admin.config.general.session-duration": "Czas trwania sesji",
-  "admin.config.general.session-duration.description": "Czas w godzinach, po którym użytkownik musi zalogować się ponownie (domyślnie: 3 miesiące).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "Zmień logo, przesyłając nowy obraz. Obraz musi być plikiem PNG i mieć proporcje 1:1.",
   "admin.config.general.logo.placeholder": "Wybierz obraz",

frontend/src/i18n/translations/pt-BR.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Política de Privacidade",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Configuração",
   "admin.config.category.general": "Geral",
   "admin.config.category.share": "Compartilhamento",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Mostrar a página inicial",
   "admin.config.general.show-home-page.description": "Mostrar ou não a página inicial",
   "admin.config.general.session-duration": "Duração de sessão",
-  "admin.config.general.session-duration.description": "Tempo em horas após o qual um usuário deve iniciar a sessão novamente (padrão: 3 meses).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "Alterar o seu logo carregando uma nova imagem. A imagem deve ser PNG e deve ter o formato 1:1.",
   "admin.config.general.logo.placeholder": "Escolhe uma imagem",

frontend/src/i18n/translations/ru-RU.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Конфигурация",
   "admin.config.category.general": "Общее",
   "admin.config.category.share": "Загрузки",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Показывать домашнюю страницу",
   "admin.config.general.show-home-page.description": "Показывать ли домашнюю страницу или нет",
   "admin.config.general.session-duration": "Длительность сессии",
-  "admin.config.general.session-duration.description": "Время в часах, после которого пользователь должен снова войти (по умолчанию: 3 месяца).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Логотип",
   "admin.config.general.logo.description": "Измените свой логотип, загрузив новое изображение. Изображение должно быть PNG и должно иметь формат 1:1.",
   "admin.config.general.logo.placeholder": "Выберите изображение",

frontend/src/i18n/translations/sl-SI.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Nastavitve",
   "admin.config.category.general": "Splošno",
   "admin.config.category.share": "Delitev",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Prikaži domačo stran",
   "admin.config.general.show-home-page.description": "Ali prikazati domačo stran",
   "admin.config.general.session-duration": "Session Duration",
-  "admin.config.general.session-duration.description": "Time in hours after which a user must log in again (default: 3 months).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logotip",
   "admin.config.general.logo.description": "Naložite novo sliko, da spremenite logotip. Datoteka mora biti tipa PNG in imeti razmerje 1:1.",
   "admin.config.general.logo.placeholder": "Izberite sliko",

frontend/src/i18n/translations/sr-CS.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Konfiguracija",
   "admin.config.category.general": "Opšte",
   "admin.config.category.share": "Deljenje",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Prikaži početnu stranicu",
   "admin.config.general.show-home-page.description": "Da li da se prikaže početna stranica",
   "admin.config.general.session-duration": "Trajanje sesije",
-  "admin.config.general.session-duration.description": "Vreme u satima nakon kojeg korisnik mora ponovo da se prijavi (podrazumevano: 3 meseca).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "Promenite svoj logotip tako što ćete otpremiti novu sliku. Slika mora da bude PNG i treba da ima format 1:1.",
   "admin.config.general.logo.placeholder": "Izaberi sliku",

frontend/src/i18n/translations/sr-SP.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Конфигурација",
   "admin.config.category.general": "Опште",
   "admin.config.category.share": "Дељење",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Прикажи почетну страницу",
   "admin.config.general.show-home-page.description": "Да ли да се прикаже почетна страница",
   "admin.config.general.session-duration": "Трајање сесије",
-  "admin.config.general.session-duration.description": "Време у сатима након којег корисник мора поново да се пријави (подразумевано: 3 месеца).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Лого",
   "admin.config.general.logo.description": "Промените свој логотип тако што ћете отпремити нову слику. Слика мора да буде PNG и треба да има формат 1:1.",
   "admin.config.general.logo.placeholder": "Изабери слику",

frontend/src/i18n/translations/sv-SE.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Konfiguration",
   "admin.config.category.general": "Allmänt",
   "admin.config.category.share": "Delning",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Visa startsidan",
   "admin.config.general.show-home-page.description": "Om du vill visa startsidan",
   "admin.config.general.session-duration": "Session Duration",
-  "admin.config.general.session-duration.description": "Time in hours after which a user must log in again (default: 3 months).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logotyp",
   "admin.config.general.logo.description": "Ändra din logotyp genom att ladda upp en ny bild. Bilden måste vara en PNG och bör ha formatet 1:1.",
   "admin.config.general.logo.placeholder": "Välj bild",

frontend/src/i18n/translations/th-TH.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "การตั้งค่า",
   "admin.config.category.general": "ทั่วไป",
   "admin.config.category.share": "การแชร์",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "แสดงหน้าแรก",
   "admin.config.general.show-home-page.description": "หากติ๊ก เว็บไซต์จะแสดงหน้าหลักเวลาเข้าถึง URL หลัก",
   "admin.config.general.session-duration": "Session Duration",
-  "admin.config.general.session-duration.description": "Time in hours after which a user must log in again (default: 3 months).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "โลโก้",
   "admin.config.general.logo.description": "เปลี่ยนโลโก้โดยอัปโหลดรูปภาพใหม่ รูปภาพต้องเป็น PNG และควรมีขนาดอัตราส่วน 1:1",
   "admin.config.general.logo.placeholder": "คลิกที่นี่หรือลากไฟล์มา",

frontend/src/i18n/translations/tr-TR.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Gizlilik Politikası",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Yapılandırma",
   "admin.config.category.general": "Genel",
   "admin.config.category.share": "Paylaş",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Ana sayfayı göster",
   "admin.config.general.show-home-page.description": "Ana sayfanın gösterilip gösterilmeyeceği",
   "admin.config.general.session-duration": "Oturum Süresi",
-  "admin.config.general.session-duration.description": "Bir kullanıcının tekrar oturum açması gereken saat cinsinden süre (varsayılan: 3 ay).",
+  "admin.config.general.session-duration.description": "Kullanıcının tekrar oturum açması için gereken süre (varsayılan süre: 3 ay).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "Yeni bir resim yükleyerek logonuzu değiştirin. Resim PNG formatında olmalı ve 1:1 oranında olmalıdır.",
   "admin.config.general.logo.placeholder": "Resim seç",

frontend/src/i18n/translations/uk-UA.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Політика конфіденційності",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Конфігурація",
   "admin.config.category.general": "Загальне",
   "admin.config.category.share": "Завантаження",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Показувати домашню сторінку",
   "admin.config.general.show-home-page.description": "Показувати домашню сторінку чи ні",
   "admin.config.general.session-duration": "Тривалість сеансу",
-  "admin.config.general.session-duration.description": "Час у годинах, після якого користувач повинен знову увійти в систему (за замовчуванням: 3 місяці).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Логотип",
   "admin.config.general.logo.description": "Змініть свій логотип, завантаживши нове зображення. Зображення має бути PNG і повинно мати формат 1:1.",
   "admin.config.general.logo.placeholder": "Виберіть зображення",

frontend/src/i18n/translations/vi-VN.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "Configuration",
   "admin.config.category.general": "Tổng quan",
   "admin.config.category.share": "Share",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "Show home page",
   "admin.config.general.show-home-page.description": "Whether to show the home page",
   "admin.config.general.session-duration": "Session Duration",
-  "admin.config.general.session-duration.description": "Time in hours after which a user must log in again (default: 3 months).",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "Change your logo by uploading a new image. The image must be a PNG and should have the format 1:1.",
   "admin.config.general.logo.placeholder": "Chọn ảnh",

frontend/src/i18n/translations/zh-CN.ts

@@ -16,9 +16,9 @@ export default {
   "home.bullet.a.name": "完全自建",
   "home.bullet.a.description": "轻松使用私有服务器搭建文件共享平台",
   "home.bullet.b.name": "完全隐私",
-  "home.bullet.b.description": "Your files are yours and will never be accessed by third parties.",
+  "home.bullet.b.description": "您的文件只属于您，永远无法被第三方访问。",
   "home.bullet.c.name": "完全无限",
-  "home.bullet.c.description": "Upload files as big as you want. Only your hard drive will be your limit.",
+  "home.bullet.c.description": "您希望上传多大的文件都可以。硬盘容量的大小是您唯一的限制。",
   "home.button.start": "开始使用",
   "home.button.source": "源代码",
   // END /
@@ -58,12 +58,12 @@ export default {
   // /auth/reset-password
   "resetPassword.title": "忘记密码？",
   "resetPassword.description": "请输入电子邮箱地址来接收重置密码邮件",
-  "resetPassword.notify.success": "A message with a link to reset your password has been sent if the provided email exists.",
+  "resetPassword.notify.success": "系统已向您的邮箱发送一条包含重置密码链接的邮件。（若该电子邮箱存在）",
   "resetPassword.button.back": "返回登录页面",
   "resetPassword.text.resetPassword": "重置密码",
   "resetPassword.text.enterNewPassword": "请输入新密码",
   "resetPassword.input.password": "新密码",
-  "resetPassword.notify.passwordReset": "Your password has been successfully reset.",
+  "resetPassword.notify.passwordReset": "您的密码已成功重置。",
   // /account
   "account.title": "我的账户",
   "account.card.info.title": "账户信息",
@@ -73,7 +73,7 @@ export default {
   "account.card.password.title": "密码",
   "account.card.password.old": "旧密码",
   "account.card.password.new": "新密码",
-  "account.card.password.noPasswordSet": "You do not have a password set. To sign in using your email and password, you need to create a password.",
+  "account.card.password.noPasswordSet": "您还未设置密码。如果您想通过邮箱和密码登录，请先设置密码。",
   "account.notify.password.success": "密码更改成功！",
   "account.card.oauth.title": "社交账号登录",
   "account.card.oauth.github": "GitHub",
@@ -85,7 +85,7 @@ export default {
   "account.card.oauth.unlink": "解除关联",
   "account.card.oauth.unlinked": "已解除关联",
   "account.modal.unlink.title": "解除关联",
-  "account.modal.unlink.description": "Unlinking your social accounts may cause you to lose your account if you don't remember your login credentials",
+  "account.modal.unlink.description": "如果您不记得您的用户名和密码，解除和社交账号的关联可能会导致丢失账户",
   "account.notify.oauth.unlinked.success": "解除关联成功",
   "account.card.security.title": "安全",
   "account.card.security.totp.enable.description": "请输入当前密码开启两步验证",
@@ -121,15 +121,15 @@ export default {
   "account.shares.table.name": "共享后缀",
   "account.shares.table.description": "描述",
   "account.shares.table.visitors": "已访问",
-  "account.shares.table.expiresAt": "Expires on",
-  "account.shares.table.createdAt": "Created on",
+  "account.shares.table.expiresAt": "过期于",
+  "account.shares.table.createdAt": "创建于",
   "account.shares.table.size": "文件大小",
-  "account.shares.table.password-protected": "Password protected",
+  "account.shares.table.password-protected": "密码保护",
   "account.shares.table.visitor-count": "{count} of {max}",
-  "account.shares.table.expiry-never": "Never",
+  "account.shares.table.expiry-never": "永不",
   "account.shares.modal.share-informations": "共享信息",
   "account.shares.modal.share-link": "共享链接",
-  "account.shares.modal.delete.title": "Delete share: {share}",
+  "account.shares.modal.delete.title": "删除共享 {share}",
   "account.shares.modal.delete.description": "你真的想删除这个共享吗？",
   // END /account/shares
   // /account/reverseShares
@@ -138,7 +138,7 @@ export default {
   "account.reverseShares.title.empty": "这里空空如也 👀",
   "account.reverseShares.description.empty": "你没有创建任何预留共享",
   // showCreateReverseShareModal.tsx
-  "account.reverseShares.modal.title": "创建反向共享",
+  "account.reverseShares.modal.title": "创建预留共享",
   "account.reverseShares.modal.expiration.label": "过期时间",
   "account.reverseShares.modal.expiration.minute-singular": "1 分钟",
   "account.reverseShares.modal.expiration.minute-plural": "分钟",
@@ -153,12 +153,12 @@ export default {
   "account.reverseShares.modal.expiration.year-singular": "1 年",
   "account.reverseShares.modal.expiration.year-plural": "年",
   "account.reverseShares.modal.max-size.label": "共享文件上限",
-  "account.reverseShares.modal.send-email": "Send email notifications",
-  "account.reverseShares.modal.send-email.description": "Sends you an email notification when a share is created with this reverse share link.",
+  "account.reverseShares.modal.send-email": "发送电子邮件通知",
+  "account.reverseShares.modal.send-email.description": "当使用此预留共享链接创建共享时，向您发送电子邮件通知。",
   "account.reverseShares.modal.simplified": "简单模式",
-  "account.reverseShares.modal.simplified.description": "Make it easy for the person uploading the file to share it with you. They will only be able to customize the name and description of the share.",
+  "account.reverseShares.modal.simplified.description": "让上传者更轻松地与你共享文件。他们仅能自定义共享的名称和描述。",
   "account.reverseShares.modal.public-access": "公开访问",
-  "account.reverseShares.modal.public-access.description": "Make the shares created with this reverse share public. If disabled, only you and the share creator will have access to view it.",
+  "account.reverseShares.modal.public-access.description": "公开使用此预留共享创建的共享。如果禁用，则只有您和共享创建者才能查看。",
   "account.reverseShares.modal.max-use.label": "最大使用次数",
   "account.reverseShares.modal.max-use.description": "这个预留共享链接可被用于创建共享的最大使用次数",
   "account.reverseShare.never-expires": "这个预留共享永不过期",
@@ -186,14 +186,14 @@ export default {
   "admin.users.table.username": "用户名",
   "admin.users.table.email": "电子邮件",
   "admin.users.table.admin": "管理员",
-  "admin.users.edit.update.title": "Edit user: {username}",
+  "admin.users.edit.update.title": "编辑用户 {username}",
   "admin.users.edit.update.admin-privileges": "管理员",
   "admin.users.edit.update.change-password.title": "更改密码",
   "admin.users.edit.update.change-password.field": "新密码",
   "admin.users.edit.update.change-password.button": "保存新密码",
   "admin.users.edit.update.notify.password.success": "密码更新成功！",
-  "admin.users.edit.delete.title": "Delete user: {username} ?",
-  "admin.users.edit.delete.description": "Do you really want to delete this user and all their shares?",
+  "admin.users.edit.delete.title": "删除用户 {username} ？",
+  "admin.users.edit.delete.description": "你真的想删除这个账户，并删除该用户所有的共享吗？",
   // showCreateUserModal.tsx
   "admin.users.modal.create.title": "创建用户",
   "admin.users.modal.create.username": "用户名",
@@ -209,20 +209,20 @@ export default {
   "admin.shares.table.id": "共享 ID",
   "admin.shares.table.username": "创建者",
   "admin.shares.table.visitors": "访问者",
-  "admin.shares.table.expires": "Expires on",
-  "admin.shares.edit.delete.title": "Delete share: {id}",
+  "admin.shares.table.expires": "过期于",
+  "admin.shares.edit.delete.title": "删除共享 {id}",
   "admin.shares.edit.delete.description": "你真的要删除这个共享吗？",
   // END /admin/shares
   // /upload
   "upload.title": "上传",
-  "upload.notify.confirm-leave": "Are you sure you want to leave this page? Your upload will be canceled.",
+  "upload.notify.confirm-leave": "您确定要离开此页面吗？您的上传将被取消。",
   "upload.notify.generic-error": "创建共享的过程中发生了错误",
   "upload.notify.count-failed": "{count} 文件上传失败，请重试",
-  "upload.reverse-share.error.invalid.title": "Invalid reverse share link",
-  "upload.reverse-share.error.invalid.description": "This reverse share has expired or is invalid.",
+  "upload.reverse-share.error.invalid.title": "无效的预留共享链接",
+  "upload.reverse-share.error.invalid.description": "这个预留分享已过期或无效。",
   // Dropzone.tsx
   "upload.dropzone.title": "上传文件",
-  "upload.dropzone.description": "Drag'n'drop files here to start your share. We only accept files up to {maxSize} in total.",
+  "upload.dropzone.description": "拖放至此以上传文件，文件大小不能超过 {maxSize}。",
   "upload.dropzone.notify.file-too-big": "你的文件超过了最大上传限制 {maxSize}",
   // FileList.tsx
   "upload.filelist.name": "文件名",
@@ -234,8 +234,8 @@ export default {
   "upload.modal.not-signed-in": "当前没有登录",
   "upload.modal.not-signed-in-description": "你将不能删除你的共享或查看访问次数",
   "upload.modal.expires.never": "永不",
-  "upload.modal.expires.never-long": "Permanent share",
-  "upload.modal.expires.error.too-long": "Expiration date exceeds the maximum of {max}.",
+  "upload.modal.expires.never-long": "永久分享",
+  "upload.modal.expires.error.too-long": "有效期超过 {max} 的最大值。",
   "upload.modal.link.label": "共享链接",
   "upload.modal.expires.label": "过期时间",
   "upload.modal.expires.minute-singular": "1 分钟",
@@ -278,16 +278,16 @@ export default {
   "share.error.access-denied.title": "私有共享",
   "share.error.access-denied.description": "当前账户没有权限访问此共享",
   "share.modal.password.title": "需要密码",
-  "share.modal.password.description": "Please enter the password to access this share.",
+  "share.modal.password.description": "请输入密码以访问此共享。",
   "share.modal.password": "密码",
   "share.modal.error.invalid-password": "密码错误",
   "share.button.download-all": "全部下载",
-  "share.notify.download-all-preparing": "The share is being prepared. Please try again in a few minutes.",
+  "share.notify.download-all-preparing": "该共享正在处理中，请稍等片刻。",
   "share.modal.file-link": "文件链接",
   "share.table.name": "文件名",
   "share.table.size": "文件大小",
   "share.modal.file-preview.error.not-supported.title": "该文件类型不支持预览",
-  "share.modal.file-preview.error.not-supported.description": "Previews are not supported for this type of files. Please download the file to view it.",
+  "share.modal.file-preview.error.not-supported.description": "这种类型的文件不支持预览。请下载文件查看。",
   // END /share/[id]
   // /share/[id]/edit
   "share.edit.title": "编辑 {shareId}",
@@ -296,12 +296,14 @@ export default {
   "share.edit.notify.save-success": "共享已更新成功",
   // END /share/[id]/edit
   // /imprint
-  "imprint.title": "Imprint",
+  "imprint.title": "版权信息",
   // END /imprint
   // /privacy
-  "privacy.title": "Privacy Policy",
+  "privacy.title": "隐私政策",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "配置管理",
   "admin.config.category.general": "通用",
   "admin.config.category.share": "共享",
@@ -313,49 +315,49 @@ export default {
   "admin.config.general.app-url": "App 的地址",
   "admin.config.general.app-url.description": "Pingvin Share 的 URL 地址",
   "admin.config.general.secure-cookies": "Secure cookies",
-  "admin.config.general.secure-cookies.description": "Whether to set the secure flag on cookies. If enabled, the site will not function when accessed over HTTP.",
+  "admin.config.general.secure-cookies.description": "是否为 cookie 设置安全标志。如果启用，当通过 HTTP 访问时站点将无法运行。",
   "admin.config.general.show-home-page": "显示首页",
   "admin.config.general.show-home-page.description": "是否显示首页",
   "admin.config.general.session-duration": "会话时长",
-  "admin.config.general.session-duration.description": "用户必须重新登录的时间 (默认：3 个月)",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "上传你的个性化 Logo，图片必须是长宽比 1:1 的 PNG 格式",
   "admin.config.general.logo.placeholder": "选择图片",
-  "admin.config.email.enable-share-email-recipients": "Enable email recipient sharing",
-  "admin.config.email.enable-share-email-recipients.description": "Whether to allow email sharing with recipients. Only enable this if SMTP is activated.",
+  "admin.config.email.enable-share-email-recipients": "启用邮件收件人共享",
+  "admin.config.email.enable-share-email-recipients.description": "是否允许与收件人分享电子邮件。只有在SMTP被激活时才启用此功能。",
   "admin.config.email.share-recipients-subject": "共享邮件通知主题",
   "admin.config.email.share-recipients-subject.description": "发送共享邮件通知的邮件主题",
   "admin.config.email.share-recipients-message": "共享邮件通知内容",
-  "admin.config.email.share-recipients-message.description": "Message which gets sent to the share recipients. Available variables:\n {creator} - The username of the creator of the share\n {creatorEmail} - The email of the creator of the share\n {shareUrl} - The URL of the share\n {desc} - The description of the share\n {expires} - The expiration date of the share\n These variables will be replaced with the actual value.",
+  "admin.config.email.share-recipients-message.description": "发给接收者的共享邮件通知的具体内容。可选的变量有：\n {creator} - 该共享的创建者\n {creatorEmail} - 共享创建者的电子邮箱\n {shareUrl} - 该共享的链接\n {desc} - 该共享的描述\n {expires} - 该共享的过期时间\n 这些变量会被实际的值所替代。",
   "admin.config.email.reverse-share-subject": "预留共享邮件通知主题",
-  "admin.config.email.reverse-share-subject.description": "Subject of the sent email when someone created a share with your reverse share link.",
+  "admin.config.email.reverse-share-subject.description": "当有人使用您的预留共享链接创建共享时发送电子邮件的主题",
   "admin.config.email.reverse-share-message": "预留共享邮件通知内容",
   "admin.config.email.reverse-share-message.description": "当有人使用了你的预留共享链接时，发送的通知内容。{shareUrl} 会被创建者的用户名和共享链接代替",
   "admin.config.email.reset-password-subject": "重置密码邮件通知主题",
-  "admin.config.email.reset-password-subject.description": "Subject of the sent email when a user requests a password reset.",
+  "admin.config.email.reset-password-subject.description": "当用户发起重置密码时，发送的重置密码邮件通知主题",
   "admin.config.email.reset-password-message": "重置密码邮件通知内容",
   "admin.config.email.reset-password-message.description": "当用户发起重置密码时，重置密码邮件通知内容。{url} 会被重置密码链接代替",
   "admin.config.email.invite-subject": "邀请邮件通知主题",
-  "admin.config.email.invite-subject.description": "Subject of the sent email when an admin invites a user.",
+  "admin.config.email.invite-subject.description": "当管理员邀请用户时，发送的邀请邮件通知主题",
   "admin.config.email.invite-message": "邀请邮件通知内容",
-  "admin.config.email.invite-message.description": "Message which gets sent when an admin invites a user. {url} will be replaced with the invite URL, {email} with the email and {password} with the users password.",
+  "admin.config.email.invite-message.description": "管理员邀请用户时发送的消息。{url} 将被替换为邀请链接，{email} 将被替换为电子邮件，{password} 将被替换为用户的密码。",
   "admin.config.share.allow-registration": "允许注册",
   "admin.config.share.allow-registration.description": "是否允许注册",
   "admin.config.share.allow-unauthenticated-shares": "是否允许未验证的共享",
   "admin.config.share.allow-unauthenticated-shares.description": "是否允许未验证的用户创建共享",
   "admin.config.share.max-expiration": "最长过期时间",
-  "admin.config.share.max-expiration.description": "Maximum share expiration. Set to 0 to allow unlimited expiration.",
-  "admin.config.share.share-id-length": "Default share ID length",
-  "admin.config.share.share-id-length.description": "Default length for the generated ID of a share. This value is also used to generate links for reverse shares. A value below 8 is not considered secure.",
+  "admin.config.share.max-expiration.description": "“最长过期时间”以小时为单位，如果将其设置为“0”则为永不过期。",
+  "admin.config.share.share-id-length": "默认共享ID长度",
+  "admin.config.share.share-id-length.description": "生成的共享 ID 的默认长度。该值也用于生成预留共享的链接。低于 8 的值不安全。",
   "admin.config.share.max-size": "最大文件上限",
   "admin.config.share.max-size.description": "最大文件上限",
   "admin.config.share.zip-compression-level": "Zip 文件压缩质量",
   "admin.config.share.zip-compression-level.description": "调整压缩质量来平衡压缩文件的大小和压缩的速度。有效值介于 0 和 9 之间，0 为不压缩，9 为最高质量压缩。 ",
   "admin.config.share.chunk-size": "块大小",
-  "admin.config.share.chunk-size.description": "Adjust the chunk size for your uploads to balance efficiency and reliability according to your internet connection. Smaller chunks can enhance success rates for unstable connections, while larger chunks make uploads faster for stable connections.",
+  "admin.config.share.chunk-size.description": "根据你的互联网连接情况调整上传文件的块大小（以字节为单位），以平衡效率和可靠性。 较小的块有助于提高不稳定网络环境中的上传成功率，而较大的块则可以加快稳定网络环境中的上传速度。",
   "admin.config.share.auto-open-share-modal": "自动打开创建共享对话框",
   "admin.config.share.auto-open-share-modal.description": "每当用户选择完将要被上传的文件后，自动打开创建共享的对话框。",
-  "admin.config.smtp.enabled": "Enable",
+  "admin.config.smtp.enabled": "启用",
   "admin.config.smtp.enabled.description": "是否开启 SMTP，仅当输入主机名、端口、发送邮箱、用户名和密码后开启",
   "admin.config.smtp.host": "主机名",
   "admin.config.smtp.host.description": "SMTP 主机名",
@@ -399,7 +401,7 @@ export default {
   "admin.config.oauth.discord-enabled": "Discord",
   "admin.config.oauth.discord-enabled.description": "是否启用 Discord 账号登录",
   "admin.config.oauth.discord-limited-users": "Discord limited users",
-  "admin.config.oauth.discord-limited-users.description": "Limit signing in to specific users by their Discord ID. Leave it blank to disable.",
+  "admin.config.oauth.discord-limited-users.description": "使用Discord ID限制登录到特定的用户。留空以禁用。",
   "admin.config.oauth.discord-limited-guild": "Discord 的 limited server ID",
   "admin.config.oauth.discord-limited-guild.description": "限制特定服务器中的用户登录。留空来禁用。",
   "admin.config.oauth.discord-client-id": "Discord 的 Client ID",
@@ -410,70 +412,70 @@ export default {
   "admin.config.oauth.oidc-enabled.description": "是否启用 OpenID Connect 登录",
   "admin.config.oauth.oidc-discovery-uri": "OpenID Connect 的 Discovery URI",
   "admin.config.oauth.oidc-discovery-uri.description": "OpenID Connect OAuth App 的 Discovery URI",
-  "admin.config.oauth.oidc-sign-out": "Sign out from OpenID Connect",
-  "admin.config.oauth.oidc-sign-out.description": "Whether the “Sign out” button will sign out from the OpenID Connect provider",
+  "admin.config.oauth.oidc-sign-out": "从 OpenID Connect 注销",
+  "admin.config.oauth.oidc-sign-out.description": "“注销”按钮是否会退出OpenID连接提供商",
   "admin.config.oauth.oidc-scope": "OpenID Connect scope",
-  "admin.config.oauth.oidc-scope.description": "Scopes which should be requested from the OpenID Connect provider.",
+  "admin.config.oauth.oidc-scope.description": "从 OpenID Connect 提供商请求的范围。",
   "admin.config.oauth.oidc-username-claim": "OpenID Connect 用户名请求",
   "admin.config.oauth.oidc-username-claim.description": "OpenID Connect ID token 中的用户名请求。如果您不知道这项配置是什么，请留空。",
-  "admin.config.oauth.oidc-role-path": "Path to roles in OpenID Connect token",
-  "admin.config.oauth.oidc-role-path.description": "Must be a valid JMES path referencing an array of roles. " + "Managing access rights using OpenID Connect roles is only recommended if no other identity provider is configured and password login is disabled. " + "Leave it blank if you don't know what this config is.",
-  "admin.config.oauth.oidc-role-general-access": "OpenID Connect role for general access",
-  "admin.config.oauth.oidc-role-general-access.description": "Role required for general access. Must be present in a user’s roles for them to log in. " + "Leave it blank if you don't know what this config is.",
-  "admin.config.oauth.oidc-role-admin-access": "OpenID Connect role for admin access",
-  "admin.config.oauth.oidc-role-admin-access.description": "Role required for administrative access. Must be present in a user’s roles for them to access the admin panel. " + "Leave it blank if you don't know what this config is.",
+  "admin.config.oauth.oidc-role-path": "在 OpenID Connect 令牌中的角色路径",
+  "admin.config.oauth.oidc-role-path.description": "Must be a valid JMES path referencing an array of roles. " + "只有在没有配置其他身份提供商且密码登录被禁用的情况下，才建议使用 OpenID Connect 角色来管理访问权限。 " + "如果您不知道此配置是什么，请留空。",
+  "admin.config.oauth.oidc-role-general-access": "常规访问的 OpenID Connect 角色",
+  "admin.config.oauth.oidc-role-general-access.description": "一般访问所需的角色。必须在用户角色中显示才能登录。 " + "如果您不知道此配置是什么，请留空。",
+  "admin.config.oauth.oidc-role-admin-access": "管理员访问的 OpenID Connect 角色",
+  "admin.config.oauth.oidc-role-admin-access.description": "管理权限所需的角色。必须在用户角色中显示他们才能访问管理面板。 " + "如果您不知道此配置是什么，请留空。",
   "admin.config.oauth.oidc-client-id": "OpenID Connect 的 Client ID",
   "admin.config.oauth.oidc-client-id.description": "OpenID Connect OAuth App 的 Client ID",
   "admin.config.oauth.oidc-client-secret": "OpenID Connect 的 Client secret",
   "admin.config.oauth.oidc-client-secret.description": "OpenID Connect OAuth App 的 Client secret",
   "admin.config.category.ldap": "LDAP",
-  "admin.config.ldap.enabled": "Enable LDAP",
+  "admin.config.ldap.enabled": "启用 LDAP",
   "admin.config.ldap.enabled.description": "使用 LDAP 身份认证进行用户登录",
-  "admin.config.ldap.url": "Server URL",
+  "admin.config.ldap.url": "服务器 URL",
   "admin.config.ldap.url.description": "LDAP 服务器的 URL",
   "admin.config.ldap.bind-dn": "Bind DN",
-  "admin.config.ldap.bind-dn.description": "Default user used to perform the user search",
+  "admin.config.ldap.bind-dn.description": "用于执行用户搜索的默认用户",
   "admin.config.ldap.bind-password": "Bind password",
-  "admin.config.ldap.bind-password.description": "Password used to perform the user search",
+  "admin.config.ldap.bind-password.description": "用于执行用户搜索的密码",
   "admin.config.ldap.search-base": "User base",
-  "admin.config.ldap.search-base.description": "Base location, where the user search will be performed",
-  "admin.config.ldap.search-query": "User query",
+  "admin.config.ldap.search-base.description": "进行用户搜索的基本位置",
+  "admin.config.ldap.search-query": "用户查询",
   "admin.config.ldap.search-query.description": "将用于在 'User base'中搜索 LDAP 用户。%username% 可以作为用户输入的占位符。",
-  "admin.config.ldap.admin-groups": "Admin group",
+  "admin.config.ldap.admin-groups": "管理员群组",
   "admin.config.ldap.admin-groups.description": "Group required for administrative access.",
   "admin.config.ldap.field-name-member-of": "User groups attribute name",
   "admin.config.ldap.field-name-member-of.description": "LDAP attribute name for the groups, an user is a member of. This is used when checking for the admin group.",
   "admin.config.ldap.field-name-email": "User email attribute name",
   "admin.config.ldap.field-name-email.description": "LDAP attribute name for the email of an user.",
   "admin.config.notify.success": "Configuration updated successfully.",
-  "admin.config.notify.logo-success": "Logo updated successfully. It may take a few minutes to update on the website.",
-  "admin.config.notify.no-changes": "No changes to save.",
-  "admin.config.category.s3": "S3",
-  "admin.config.s3.enabled": "Enabled",
-  "admin.config.s3.enabled.description": "Whether S3 should be used to store the shared files instead of the local file system.",
+  "admin.config.notify.logo-success": "Logo 更新成功。可能需要几分钟时间才能在网站上更新。",
+  "admin.config.notify.no-changes": "没有要保存的更改。",
+  "admin.config.category.s3": "对象存储",
+  "admin.config.s3.enabled": "启用",
+  "admin.config.s3.enabled.description": "是否使用 S3 来存储共享文件而不是本地文件系统。",
   "admin.config.s3.endpoint": "Endpoint",
   "admin.config.s3.endpoint.description": "The URL of the S3 bucket.",
   "admin.config.s3.region": "Region",
   "admin.config.s3.region.description": "The region of the S3 bucket.",
-  "admin.config.s3.bucket-name": "Bucket name",
+  "admin.config.s3.bucket-name": "Bucket名称",
   "admin.config.s3.bucket-name.description": "The name of the S3 bucket.",
-  "admin.config.s3.bucket-path": "Path",
-  "admin.config.s3.bucket-path.description": "The default path which should be used to store the files in the S3 bucket.",
+  "admin.config.s3.bucket-path": "路径",
+  "admin.config.s3.bucket-path.description": "用于在 S3 桶中存储文件的默认路径。",
   "admin.config.s3.key": "Key",
-  "admin.config.s3.key.description": "The key which allows you to access the S3 bucket.",
+  "admin.config.s3.key.description": "允许您访问 S3 桶的密钥。",
   "admin.config.s3.secret": "Secret",
-  "admin.config.s3.secret.description": "The secret which allows you to access the S3 bucket.",
-  "admin.config.category.legal": "Legal",
-  "admin.config.legal.enabled": "Enable legal notices",
-  "admin.config.legal.enabled.description": "Whether to show a link to imprint and privacy policy in the footer.",
-  "admin.config.legal.imprint-text": "Imprint text",
-  "admin.config.legal.imprint-text.description": "The text which should be shown in the imprint. Supports Markdown. Leave blank to link to an external imprint page.",
-  "admin.config.legal.imprint-url": "Imprint URL",
-  "admin.config.legal.imprint-url.description": "If you already have an imprint page you can link it here instead of using the text field.",
-  "admin.config.legal.privacy-policy-text": "Privacy policy text",
-  "admin.config.legal.privacy-policy-text.description": "The text which should be shown in the privacy policy. Supports Markdown. Leave blank to link to an external privacy policy page.",
-  "admin.config.legal.privacy-policy-url": "Privacy policy URL",
-  "admin.config.legal.privacy-policy-url.description": "If you already have a privacy policy page you can link it here instead of using the text field.",
+  "admin.config.s3.secret.description": "允许您访问 S3 桶的密钥。",
+  "admin.config.category.legal": "合规",
+  "admin.config.legal.enabled": "启用合规提醒",
+  "admin.config.legal.enabled.description": "是否在页脚中显示版权信息和隐私政策。",
+  "admin.config.legal.imprint-text": "版权信息",
+  "admin.config.legal.imprint-text.description": "文本将会显示在版权信息中。支持Markdown。留空以链接到版权信息页面。",
+  "admin.config.legal.imprint-url": "版权信息 URL",
+  "admin.config.legal.imprint-url.description": "如果您已经有一个版权信息页面，您可以在此链接它，而不是使用文本字段。",
+  "admin.config.legal.privacy-policy-text": "隐私政策文本",
+  "admin.config.legal.privacy-policy-text.description": "文本将会显示在隐私政策页面中。支持Markdown。留空以链接到隐私政策页面。",
+  "admin.config.legal.privacy-policy-url": "隐私政策网址",
+  "admin.config.legal.privacy-policy-url.description": "如果您已经有一个隐私政策页面，您可以在此链接它，而不是使用文本字段。",
   // 404
   "404.description": "当前的页面走丢啦",
   "404.button.home": "返回主页",
@@ -488,10 +490,10 @@ export default {
   "error.msg.no_user": "用户关联的这个 {0} 账户不存在。",
   "error.msg.no_email": "无法从 {0} 这个账户获取邮箱地址。",
   "error.msg.already_linked": "{0} 这个账户已经关联到另一个账号。",
-  "error.msg.not_linked": "This {0} account hasn't been linked to any account yet.",
+  "error.msg.not_linked": "这个 {0} 账户尚未关联到任何账号。",
   "error.msg.unverified_account": "{0} 这个账户尚未验证，请在验证后重试。",
   "error.msg.user_not_allowed": "您无权登录。",
-  "error.msg.cannot_get_user_info": "Cannot get your user info from this {0} account.",
+  "error.msg.cannot_get_user_info": "无法从 {0} 这个账户获取您的用户信息。",
   "error.param.provider_github": "GitHub",
   "error.param.provider_google": "谷歌",
   "error.param.provider_microsoft": "Microsoft",
@@ -509,9 +511,9 @@ export default {
   "common.button.generate": "生成",
   "common.button.done": "完成",
   "common.text.link": "链接",
-  "common.text.navigate-to-link": "Visit link",
+  "common.text.navigate-to-link": "访问链接",
   "common.text.or": "或",
-  "common.text.redirecting": "Redirecting...",
+  "common.text.redirecting": "正在跳转中...",
   "common.button.go-back": "返回",
   "common.button.go-home": "返回主页",
   "common.notify.copied": "已复制到剪贴板",
@@ -522,7 +524,7 @@ export default {
   "common.error.invalid-email": "邮件地址不可用",
   "common.error.too-short": "必须不少于 {length} 个字符",
   "common.error.too-long": "必须不超过 {length} 个字符",
-  "common.error.number-too-small": "Must be at least {min}",
+  "common.error.number-too-small": "必须至多为 {min}",
   "common.error.number-too-large": "必须至多为 {max}",
   "common.error.exact-length": "必须为 {length} 个字符",
   "common.error.invalid-number": "必须为数字",

frontend/src/i18n/translations/zh-TW.ts

@@ -302,6 +302,8 @@ export default {
   "privacy.title": "Privacy Policy",
   // END /privacy
   // /admin/config
+  "admin.config.config-file-warning.title": "Configuration file present",
+  "admin.config.config-file-warning.description": "As you have a configured Pingvin Share with a configuration file, you can't change the configuration through the UI.",
   "admin.config.title": "配置管理",
   "admin.config.category.general": "通用",
   "admin.config.category.share": "分享",
@@ -317,7 +319,7 @@ export default {
   "admin.config.general.show-home-page": "顯示首頁",
   "admin.config.general.show-home-page.description": "是否顯示首頁",
   "admin.config.general.session-duration": "工作階段持續時間",
-  "admin.config.general.session-duration.description": "使用者需要必須要重新登入的最長時間 (預設： 3 個月)",
+  "admin.config.general.session-duration.description": "Time after which a user must log in again (default: 3 months).",
   "admin.config.general.logo": "Logo",
   "admin.config.general.logo.description": "上傳個性化 Logo，圖片必須是長寬比 1:1 的 PNG 格式",
   "admin.config.general.logo.placeholder": "選擇圖片",

frontend/src/pages/account/index.tsx

@@ -413,7 +413,7 @@ const Account = () => {
                   onConfirm: async () => {
                     await userService
                       .removeCurrentUser()
-                      .then(window.location.reload)
+                      .then(() => window.location.reload())
                       .catch(toast.axiosError);
                   },
                 })

frontend/src/pages/admin/config/[category].tsx

@@ -1,4 +1,5 @@
 import {
+  Alert,
   AppShell,
   Box,
   Button,
@@ -13,6 +14,7 @@ import { useMediaQuery } from "@mantine/hooks";
 
 import { useRouter } from "next/router";
 import { useEffect, useState } from "react";
+import { TbInfoCircle } from "react-icons/tb";
 import { FormattedMessage } from "react-intl";
 import Meta from "../../../components/Meta";
 import AdminConfigInput from "../../../components/admin/configuration/AdminConfigInput";
@@ -46,6 +48,10 @@ export default function AppShellDemo() {
 
   const [logo, setLogo] = useState<File | null>(null);
 
+  const isEditingAllowed = (): boolean => {
+    return !configVariables || configVariables[0].allowEdit;
+  };
+
   const saveConfigVariables = async () => {
     if (logo) {
       configService
@@ -132,6 +138,17 @@ export default function AppShellDemo() {
           ) : (
             <>
               <Stack>
+                {!isEditingAllowed() && (
+                  <Alert
+                    mb={"lg"}
+                    variant="light"
+                    color="primary"
+                    title={t("admin.config.config-file-warning.title")}
+                    icon={<TbInfoCircle />}
+                  >
+                    <FormattedMessage id="admin.config.config-file-warning.description" />
+                  </Alert>
+                )}
                 <Title mb="md" order={3}>
                   {t("admin.config.category." + categoryId)}
                 </Title>

frontend/src/pages/admin/index.tsx

@@ -54,19 +54,22 @@ const Admin = () => {
   ]);
 
   useEffect(() => {
-    configService.isNewReleaseAvailable().then((isNewReleaseAvailable) => {
-      if (isNewReleaseAvailable) {
-        setManagementOptions([
-          ...managementOptions,
-          {
-            title: "Update",
-            icon: TbRefresh,
-            route:
-              "https://github.com/stonith404/pingvin-share/releases/latest",
-          },
-        ]);
-      }
-    });
+    configService
+      .isNewReleaseAvailable()
+      .then((isNewReleaseAvailable) => {
+        if (isNewReleaseAvailable) {
+          setManagementOptions([
+            ...managementOptions,
+            {
+              title: "Update",
+              icon: TbRefresh,
+              route:
+                "https://github.com/stonith404/pingvin-share/releases/latest",
+            },
+          ]);
+        }
+      })
+      .catch();
   }, []);
 
   return (

frontend/src/types/config.type.ts

@@ -16,6 +16,7 @@ export type AdminConfig = Config & {
   secret: boolean;
   description: string;
   obscured: boolean;
+  allowEdit: boolean;
 };
 
 export type AdminConfigGroupedByCategory = {

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "pingvin-share",
-  "version": "1.9.0",
+  "version": "1.10.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "pingvin-share",
-      "version": "1.9.0",
+      "version": "1.10.2",
       "devDependencies": {
         "conventional-changelog-cli": "^3.0.0"
       }

package.json

@@ -1,6 +1,6 @@
 {
   "name": "pingvin-share",
-  "version": "1.9.0",
+  "version": "1.10.2",
   "scripts": {
     "format": "cd frontend && npm run format && cd ../backend && npm run format",
     "lint": "cd frontend && npm run lint && cd ../backend && npm run lint",

scripts/generate-example-config.ts

@@ -0,0 +1,66 @@
+import * as fs from "fs";
+import * as yaml from "yaml";
+import { configVariables } from "../backend/prisma/seed/config.seed";
+import translations from "../frontend/src/i18n/translations/en-US";
+
+// Prepare an object that only contains the categories, keys and values
+const configVariablesWithDefaultValues = {};
+for (const [category, variables] of Object.entries(configVariables)) {
+  if (category == "internal") continue;
+  for (const [variableName, { defaultValue }] of Object.entries(variables)) {
+    if (!configVariablesWithDefaultValues[category]) {
+      configVariablesWithDefaultValues[category] = {};
+    }
+    configVariablesWithDefaultValues[category][variableName] = defaultValue;
+  }
+}
+
+// As `initUser` is not part of the `configVariables` object, we add it manually
+configVariablesWithDefaultValues["initUser"] = {
+  enabled: false,
+  username: "admin",
+  email: "admin@example.com",
+  password: "my-secure-password",
+  isAdmin: true,
+  ldapDN: "",
+};
+
+// Create the yaml document
+const doc: any = new yaml.Document(configVariablesWithDefaultValues);
+
+// Add the descriptions imported from `en-US.ts` as comments
+for (const category of doc.contents.items) {
+  //  As `initUser` can't be configured from the UI, we have to add the description manually
+  if (category.key.value === "initUser") {
+    category.key.commentBefore =
+      "This configuration is used to create the initial user when the application is started for the first time.\n";
+    category.key.commentBefore +=
+      "Make sure to change at least the password as soon as you log in!";
+  }
+
+  for (const variable of category.value.items) {
+    variable.key.commentBefore = getDescription(
+      category.key.value,
+      variable.key.value
+    );
+  }
+}
+doc.commentBefore =
+  "This configuration is pre-filled with the default values.\n";
+doc.commentBefore +=
+  "You can remove keys you don't want to set. If a key is missing, the value set in the UI will be used; if that is also unset, the default value applies.";
+
+// Write the YAML content to a file
+fs.writeFileSync("../config.example.yaml", doc.toString({ indent: 2 }), "utf8");
+console.log("YAML file generated successfully!");
+
+// Helper functions
+function getDescription(category: string, name: string) {
+  return translations[
+    `admin.config.${category}.${camelToKebab(name)}.description`
+  ];
+}
+
+function camelToKebab(str: string) {
+  return str.replace(/[A-Z]/g, (letter) => `-${letter.toLowerCase()}`);
+}

scripts/package-lock.json

@@ -0,0 +1,229 @@
+{
+  "name": "scripts",
+  "version": "1.0.0",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "scripts",
+      "version": "1.0.0",
+      "dependencies": {
+        "yaml": "^2.7.0"
+      },
+      "devDependencies": {
+        "@types/node": "^22.13.5",
+        "ts-node": "^10.9.2"
+      }
+    },
+    "node_modules/@cspotcode/source-map-support": {
+      "version": "0.8.1",
+      "resolved": "https://registry.npmjs.org/@cspotcode/source-map-support/-/source-map-support-0.8.1.tgz",
+      "integrity": "sha512-IchNf6dN4tHoMFIn/7OE8LWZ19Y6q/67Bmf6vnGREv8RSbBVb9LPJxEcnwrcwX6ixSvaiGoomAUvu4YSxXrVgw==",
+      "dev": true,
+      "dependencies": {
+        "@jridgewell/trace-mapping": "0.3.9"
+      },
+      "engines": {
+        "node": ">=12"
+      }
+    },
+    "node_modules/@jridgewell/resolve-uri": {
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz",
+      "integrity": "sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==",
+      "dev": true,
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/@jridgewell/sourcemap-codec": {
+      "version": "1.5.0",
+      "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.0.tgz",
+      "integrity": "sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==",
+      "dev": true
+    },
+    "node_modules/@jridgewell/trace-mapping": {
+      "version": "0.3.9",
+      "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.9.tgz",
+      "integrity": "sha512-3Belt6tdc8bPgAtbcmdtNJlirVoTmEb5e2gC94PnkwEW9jI6CAHUeoG85tjWP5WquqfavoMtMwiG4P926ZKKuQ==",
+      "dev": true,
+      "dependencies": {
+        "@jridgewell/resolve-uri": "^3.0.3",
+        "@jridgewell/sourcemap-codec": "^1.4.10"
+      }
+    },
+    "node_modules/@tsconfig/node10": {
+      "version": "1.0.11",
+      "resolved": "https://registry.npmjs.org/@tsconfig/node10/-/node10-1.0.11.tgz",
+      "integrity": "sha512-DcRjDCujK/kCk/cUe8Xz8ZSpm8mS3mNNpta+jGCA6USEDfktlNvm1+IuZ9eTcDbNk41BHwpHHeW+N1lKCz4zOw==",
+      "dev": true
+    },
+    "node_modules/@tsconfig/node12": {
+      "version": "1.0.11",
+      "resolved": "https://registry.npmjs.org/@tsconfig/node12/-/node12-1.0.11.tgz",
+      "integrity": "sha512-cqefuRsh12pWyGsIoBKJA9luFu3mRxCA+ORZvA4ktLSzIuCUtWVxGIuXigEwO5/ywWFMZ2QEGKWvkZG1zDMTag==",
+      "dev": true
+    },
+    "node_modules/@tsconfig/node14": {
+      "version": "1.0.3",
+      "resolved": "https://registry.npmjs.org/@tsconfig/node14/-/node14-1.0.3.tgz",
+      "integrity": "sha512-ysT8mhdixWK6Hw3i1V2AeRqZ5WfXg1G43mqoYlM2nc6388Fq5jcXyr5mRsqViLx/GJYdoL0bfXD8nmF+Zn/Iow==",
+      "dev": true
+    },
+    "node_modules/@tsconfig/node16": {
+      "version": "1.0.4",
+      "resolved": "https://registry.npmjs.org/@tsconfig/node16/-/node16-1.0.4.tgz",
+      "integrity": "sha512-vxhUy4J8lyeyinH7Azl1pdd43GJhZH/tP2weN8TntQblOY+A0XbT8DJk1/oCPuOOyg/Ja757rG0CgHcWC8OfMA==",
+      "dev": true
+    },
+    "node_modules/@types/node": {
+      "version": "22.13.5",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-22.13.5.tgz",
+      "integrity": "sha512-+lTU0PxZXn0Dr1NBtC7Y8cR21AJr87dLLU953CWA6pMxxv/UDc7jYAY90upcrie1nRcD6XNG5HOYEDtgW5TxAg==",
+      "dev": true,
+      "dependencies": {
+        "undici-types": "~6.20.0"
+      }
+    },
+    "node_modules/acorn": {
+      "version": "8.14.0",
+      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.14.0.tgz",
+      "integrity": "sha512-cl669nCJTZBsL97OF4kUQm5g5hC2uihk0NxY3WENAC0TYdILVkAyHymAntgxGkl7K+t0cXIrH5siy5S4XkFycA==",
+      "dev": true,
+      "bin": {
+        "acorn": "bin/acorn"
+      },
+      "engines": {
+        "node": ">=0.4.0"
+      }
+    },
+    "node_modules/acorn-walk": {
+      "version": "8.3.4",
+      "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.3.4.tgz",
+      "integrity": "sha512-ueEepnujpqee2o5aIYnvHU6C0A42MNdsIDeqy5BydrkuC5R1ZuUFnm27EeFJGoEHJQgn3uleRvmTXaJgfXbt4g==",
+      "dev": true,
+      "dependencies": {
+        "acorn": "^8.11.0"
+      },
+      "engines": {
+        "node": ">=0.4.0"
+      }
+    },
+    "node_modules/arg": {
+      "version": "4.1.3",
+      "resolved": "https://registry.npmjs.org/arg/-/arg-4.1.3.tgz",
+      "integrity": "sha512-58S9QDqG0Xx27YwPSt9fJxivjYl432YCwfDMfZ+71RAqUrZef7LrKQZ3LHLOwCS4FLNBplP533Zx895SeOCHvA==",
+      "dev": true
+    },
+    "node_modules/create-require": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/create-require/-/create-require-1.1.1.tgz",
+      "integrity": "sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==",
+      "dev": true
+    },
+    "node_modules/diff": {
+      "version": "4.0.2",
+      "resolved": "https://registry.npmjs.org/diff/-/diff-4.0.2.tgz",
+      "integrity": "sha512-58lmxKSA4BNyLz+HHMUzlOEpg09FV+ev6ZMe3vJihgdxzgcwZ8VoEEPmALCZG9LmqfVoNMMKpttIYTVG6uDY7A==",
+      "dev": true,
+      "engines": {
+        "node": ">=0.3.1"
+      }
+    },
+    "node_modules/make-error": {
+      "version": "1.3.6",
+      "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz",
+      "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==",
+      "dev": true
+    },
+    "node_modules/ts-node": {
+      "version": "10.9.2",
+      "resolved": "https://registry.npmjs.org/ts-node/-/ts-node-10.9.2.tgz",
+      "integrity": "sha512-f0FFpIdcHgn8zcPSbf1dRevwt047YMnaiJM3u2w2RewrB+fob/zePZcrOyQoLMMO7aBIddLcQIEK5dYjkLnGrQ==",
+      "dev": true,
+      "dependencies": {
+        "@cspotcode/source-map-support": "^0.8.0",
+        "@tsconfig/node10": "^1.0.7",
+        "@tsconfig/node12": "^1.0.7",
+        "@tsconfig/node14": "^1.0.0",
+        "@tsconfig/node16": "^1.0.2",
+        "acorn": "^8.4.1",
+        "acorn-walk": "^8.1.1",
+        "arg": "^4.1.0",
+        "create-require": "^1.1.0",
+        "diff": "^4.0.1",
+        "make-error": "^1.1.1",
+        "v8-compile-cache-lib": "^3.0.1",
+        "yn": "3.1.1"
+      },
+      "bin": {
+        "ts-node": "dist/bin.js",
+        "ts-node-cwd": "dist/bin-cwd.js",
+        "ts-node-esm": "dist/bin-esm.js",
+        "ts-node-script": "dist/bin-script.js",
+        "ts-node-transpile-only": "dist/bin-transpile.js",
+        "ts-script": "dist/bin-script-deprecated.js"
+      },
+      "peerDependencies": {
+        "@swc/core": ">=1.2.50",
+        "@swc/wasm": ">=1.2.50",
+        "@types/node": "*",
+        "typescript": ">=2.7"
+      },
+      "peerDependenciesMeta": {
+        "@swc/core": {
+          "optional": true
+        },
+        "@swc/wasm": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/typescript": {
+      "version": "5.7.3",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.3.tgz",
+      "integrity": "sha512-84MVSjMEHP+FQRPy3pX9sTVV/INIex71s9TL2Gm5FG/WG1SqXeKyZ0k7/blY/4FdOzI12CBy1vGc4og/eus0fw==",
+      "dev": true,
+      "peer": true,
+      "bin": {
+        "tsc": "bin/tsc",
+        "tsserver": "bin/tsserver"
+      },
+      "engines": {
+        "node": ">=14.17"
+      }
+    },
+    "node_modules/undici-types": {
+      "version": "6.20.0",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz",
+      "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==",
+      "dev": true
+    },
+    "node_modules/v8-compile-cache-lib": {
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz",
+      "integrity": "sha512-wa7YjyUGfNZngI/vtK0UHAN+lgDCxBPCylVXGp0zu59Fz5aiGtNXaq3DhIov063MorB+VfufLh3JlF2KdTK3xg==",
+      "dev": true
+    },
+    "node_modules/yaml": {
+      "version": "2.7.0",
+      "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.7.0.tgz",
+      "integrity": "sha512-+hSoy/QHluxmC9kCIJyL/uyFmLmc+e5CFR5Wa+bpIhIj85LVb9ZH2nVnqrHoSvKogwODv0ClqZkmiSSaIH5LTA==",
+      "bin": {
+        "yaml": "bin.mjs"
+      },
+      "engines": {
+        "node": ">= 14"
+      }
+    },
+    "node_modules/yn": {
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/yn/-/yn-3.1.1.tgz",
+      "integrity": "sha512-Ux4ygGWsu2c7isFWe8Yu1YluJmqVhxqK2cLXNQA5AcC3QfbGNpM7fu0Y8b/z16pXLnFxZYvWhd3fhBY9DLmC6Q==",
+      "dev": true,
+      "engines": {
+        "node": ">=6"
+      }
+    }
+  }
+}

scripts/package.json

@@ -0,0 +1,15 @@
+{
+  "name": "scripts",
+  "version": "1.0.0",
+  "scripts": {
+    "generate-example-config": "ts-node generate-example-config.ts"
+  },
+  "description": "",
+  "dependencies": {
+    "yaml": "^2.7.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22.13.5",
+    "ts-node": "^10.9.2"
+  }
+}

scripts/tsconfig.json

@@ -0,0 +1,8 @@
+{
+  "compilerOptions": {
+    "esModuleInterop": true,
+    "moduleResolution": "node"
+  },
+  "include": ["/**/*.ts", "generate-example-config.ts"],
+  "exclude": ["node_modules"]
+}