Synchronize conf with upstream

2024-09-03 18:26:13 +02:00 · 2019-12-02 21:04:14 +01:00 · 2019-12-02 21:04:14 +01:00 · fdd7c196fa
commit fdd7c196fa
parent 8be94ade02
1 changed files with 23 additions and 94 deletions
--- a/conf/diaspora.yml
+++ b/conf/diaspora.yml
@ -21,7 +21,7 @@
 ## - Specify lists/arrays as comma-separated values
 ##
 ## - For example, on Heroku:
-##   heroku config:set SERVICES_FACEBOOK_APP_ID=yourappid SERVICES_FACEBOOK_SECRET=yourappsecret
+##   heroku config:set SERVICES_TWITTER_KEY=yourkey SERVICES_TWITTER_SECRET=yoursecret
 configuration: ## Section
@ -42,7 +42,7 @@ configuration: ## Section
    ## This is specific to your operating system.
    ## Examples (uncomment the relevant one or add your own):
    ## For Debian, Ubuntu, Archlinux, Gentoo (package ca-certificates):
-    #certificate_authorities: '/etc/ssl/certs/ca-certificates.crt'
+    certificate_authorities: '/etc/ssl/certs/ca-certificates.crt'
    ## For CentOS, Fedora:
    #certificate_authorities: '/etc/pki/tls/certs/ca-bundle.crt'
@ -82,7 +82,7 @@ configuration: ## Section
      ## Number of times a job is retried (default=10).
      ## There's an exponential effect to this: if you set this too high you
      ## might get too many jobs building up in the queue.
-      ## Set it to false to disable it completely.
+      ## Set it to 0 to disable it completely.
      #retry: 10
      ## Lines of backtrace that are stored on failure (default=15).
@ -186,9 +186,10 @@ configuration: ## Section
    ## Change this to 'production' if you wish to run a production environment.
    rails_environment: 'production'
    # TODO check
    ## Write unicorn stderr and stdout log.
-    #stderr_log: '/usr/local/app/diaspora/log/unicorn-stderr.log'
+    #stderr_log: 'log/unicorn-stderr.log'
-    #stdout_log: '/usr/local/app/diaspora/log/unicorn-stdout.log'
+    #stdout_log: 'log/unicorn-stdout.log'
    ## Number of Unicorn worker processes (default=2).
    ## Increase this if you have many users.
@ -209,68 +210,6 @@ configuration: ## Section
    ## increase environment.sidekiq.concurrency instead!
    #sidekiq_workers: 1
  ## Diaspora has an internal XMPP web-client. If you want to enable the chat
  ## functionality or want to use a custom XMPP server, then you should edit
  ## the following configuration.
  chat: ## Section
    ## Enable the chat service and all its components.
    ##
    ## Please make sure that you followed the Installation-Instructions first:
    ## https://wiki.diasporafoundation.org/Integration/Chat#Installation.2FUpdate
    #enabled: true
    ## Custom XMPP server configuration goes here.
    server: ## Section
      ## Use the configuration bridge to prosody (default=true).
      ## In case you want to run your own server or want to configure
      ## prosody on your own, you should disable it.
      #enabled: false
      ## Set the directory in which to look for virtual hosts TLS certificates.
      #certs: 'config/certs'
      ## XEP-0124 BOSH requests
      ## The easiest way of avoiding certificate and mixed-content issues
      ## is to use a proxy, e.g.:
      ##
      ## Apache: https://wiki.diasporafoundation.org/Integration/Chat#Apache2
      ## Nginx: https://wiki.diasporafoundation.org/Integration/Chat#Nginx
      ##
      ## If you configured your proxy correctly,
      ## you should set the proxy option to 'true'
      bosh: ## Section
        ## If you'd like to use a proxy, you should set the proxy
        ## option to true, otherwise jsxc always tries to
        ## connect directly to the port specified below.
        #proxy: true
        ## Configure the protocol used to access the BOSH endpoint
        #proto: http
        ## Configure the address that prosody should listen on.
        #address: '0.0.0.0'
        ## Configure the BOSH port.
        #port: 5280
        ## Configure the bind endpoint.
        #bind: '/http-bind'
      ## Specify log behaviour here.
      log: ## Section
        ## Log file location.
        #info: 'log/prosody.log'
        ## Error log file location.
        #error: 'log/prosody.err'
        ## The debug level logs all XML sent and received by the server.
        #debug: false
  ## Displays the location of a post in a map. Per default we are using the map
  ## tiles of the Heidelberg University (http://giscience.uni-hd.de).
  ## You also have the possibility to use the map tiles of https://www.mapbox.com
@ -301,21 +240,16 @@ configuration: ## Section
    ## Piwik Tracking (disabled by default).
    ## Provide a site ID and the host piwik is running on to enable
    ## tracking through Piwik.
    # TODO ? Check implications...
    piwik: ## Section
      #enable: true
      #host: 'stats.example.org'
      #site_id: 1
    ## Mixpanel event tracking (disabled by default).
    #mixpanel_uid:
    ## Chartbeat tracking (disabled by default).
    #chartbeat_uid:
    ## Statistics
    ## Your pod will report its name, software version and whether
-    ## or not registrations are open via /statistics.json.
+    ## or not registrations are open via /statistics and NodeInfo.
    ## Uncomment the options below to enable more statistics.
    statistics: ## Section
@ -368,6 +302,7 @@ configuration: ## Section
    ## Set this to false to prevent people from signing up to your pod
    ## without an invitation. Note that this needs to be set to true
    ## (or commented out) to enable the first registration (you).
    # TODO ynh settings?
    #enable_registrations: true
    ## Auto-follow on sign-up (default=true)
@ -462,6 +397,11 @@ configuration: ## Section
    ## of your Sidekiq workers.
    #typhoeus_concurrency: 20
    ## Maximum number of parallel user data export jobs (default=1)
    ## Be careful, exports of big/old profiles can use a lot of memory, running
    ## many of them in parallel can be a problem for small servers.
    #export_concurrency: 1
    ## Captcha settings
    captcha: ## Section
@ -568,14 +508,15 @@ configuration: ## Section
    ## party domains from services that are included in diaspora*, like OEmbed
    ## scripts, so you can safely activate it by setting `report_only` to false. If
    ## you customized diaspora* (edited templates or added own JS), additional work
-    ## may be required. You can test the policy with the "report_uri". Our default CSP
+    ## may be required. You can test the policy with the `report_uri`. Our default CSP
    ## does not work with Google analytics or Piwik, because they inject JS code that
    ## is blocked by CSP.
    csp:
-      ## Report-Only header (default=true)
+
-      ## By default diaspora* adds only a "Content-Security-Policy-Report-Only" header. If you set
+      ## Report-Only header (default=false)
-      ## this to false, the "Content-Security-Policy" header is added instead.
+      ## By default diaspora* adds a "Content-Security-Policy" header. If you set
-      #report_only: false
+      ## this to true, the "Content-Security-Policy-Report-Only" header is added instead.
      #report_only: true
      ## CSP report URI (default=)
      ## You can set an URI here, where the user agent reports violations as JSON document via a POST request.
@ -584,20 +525,6 @@ configuration: ## Section
  ## Posting from Diaspora to external services (all are disabled by default).
  services: ## Section
    ## OAuth credentials for Facebook
    facebook: ## Section
      #enable: true
      #app_id: 'abcdef'
      #secret: 'change_me'
      ## This setting is required to define whether the Facebook app has permissions to post
      ##   false == No permissions (default)
      ##   true == Permissions for all users to post. App MUST have 'publish_actions' approved by Facebook!
      ##   "username" == Set to local username to allow a single user to cross-post. The person who has created
      ##                 the Facebook app will always be able to cross-post, even without 'publish_actions'.
      #authorized: false
    ## OAuth credentials for Twitter
    twitter: ## Section
@ -621,6 +548,7 @@ configuration: ## Section
  ## Allow your pod to send emails for notifications, password recovery
  ## and other purposes (disabled by default).
  # TODO definitely configure that with ynh mail server
  mail: ## Section
    ## First you need to enable it.
@ -683,9 +611,11 @@ configuration: ## Section
    #account: "podmaster"
    ## E-mail address to contact the administrator.
    # TODO
    #podmin_email: 'podmin@example.org'
  ## Settings related to relays
  # TODO
  relay: ## Section
    ## Relays are applications that exist to push public posts around to
@ -726,4 +656,3 @@ production: ## Section
 development: ## Section
  environment: ## Section
    #redis: 'redis://production.example.org:6379'