YunoHost-Apps/etherpad_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/etherpad_ynh.git synced 2024-09-03 18:36:10 +02:00
Code Issues Activity Actions

Update settings.json

Browse source
This commit is contained in:
ericgaspar 2021-02-15 11:55:40 +01:00
parent 7ab76196e6
commit 62b6217a4d
No known key found for this signature in database
GPG key ID: 574F281483054D44
1 changed files with 78 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

100
conf/settings.json
View file

@ -232,12 +232,6 @@
*/ */
"editOnly": false, "editOnly": false,
/*
* If set to true, those users who have a valid session will automatically be
* granted access to password protected pads.
*/
"sessionNoPassword": false,
/* /*
* If true, all css & js will be minified before sending to the client. * If true, all css & js will be minified before sending to the client.
* *
@ -252,7 +246,7 @@
* Not setting this may cause problems during deployment. * Not setting this may cause problems during deployment.
* Set to 0 to disable caching. * Set to 0 to disable caching.
*/ */
"maxAge": 21600, // 60 * 60 * 6 = 6 hours "maxAge": 99999999, // 60 * 60 * 6 = 6 hours
/* /*
* Absolute path to the Abiword executable. * Absolute path to the Abiword executable.
@ -308,6 +302,24 @@
*/ */
"trustProxy": false, "trustProxy": false,
/*
* Settings controlling the session cookie issued by Etherpad.
*/
"cookie": {
/*
* Value of the SameSite cookie property. "Lax" is recommended unless
* Etherpad will be embedded in an iframe from another site, in which case
* this must be set to "None". Note: "None" will not work (the browser will
* not send the cookie to Etherpad) unless https is used to access Etherpad
* (either directly or via a reverse proxy with "trustProxy" set to true).
*
* "Strict" is not recommended because it has few security benefits but
* significant usability drawbacks vs. "Lax". See
* https://stackoverflow.com/q/41841880 for discussion.
*/
"sameSite": "Lax"
},
/* /*
* Privacy: disable IP logging * Privacy: disable IP logging
*/ */
@ -362,11 +374,62 @@
"percentageToScrollWhenUserPressesArrowUp": 0 "percentageToScrollWhenUserPressesArrowUp": 0
}, },
/*
* User accounts. These accounts are used by:
* - default HTTP basic authentication if no plugin handles authentication
* - some but not all authentication plugins
* - some but not all authorization plugins
*
* User properties:
* - password: The user's password. Some authentication plugins will ignore
* this.
* - is_admin: true gives access to /admin. Defaults to false. If you do not
* uncomment this, /admin will not be available!
* - readOnly: If true, this user will not be able to create new pads or
* modify existing pads. Defaults to false.
* - canCreate: If this is true and readOnly is false, this user can create
* new pads. Defaults to true.
*
* Authentication and authorization plugins may define additional properties.
*
* WARNING: passwords should not be stored in plaintext in this file.
* If you want to mitigate this, please install ep_hash_auth and
* follow the section "secure your installation" in README.md
*/
/*
"users": {
"admin": {
// 1) "password" can be replaced with "hash" if you install ep_hash_auth
// 2) please note that if password is null, the user will not be created
"password": "changeme1",
"is_admin": true
},
"user": {
// 1) "password" can be replaced with "hash" if you install ep_hash_auth
// 2) please note that if password is null, the user will not be created
"password": "changeme1",
"is_admin": false
}
},
*/
/* /*
* Restrict socket.io transport methods * Restrict socket.io transport methods
*/ */
"socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"], "socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],
"socketIo": {
/*
* Maximum permitted client message size (in bytes). All messages from
* clients that are larger than this will be rejected. Large values make it
* possible to paste large amounts of text, and plugins may require a larger
* value to work properly, but increasing the value increases susceptibility
* to denial of service attacks (malicious clients can exhaust memory).
*/
"maxHttpBufferSize": 10000
},
/* /*
* Allow Load Testing tools to hit the Etherpad Instance. * Allow Load Testing tools to hit the Etherpad Instance.
* *
@ -408,21 +471,8 @@
*/ */
"importMaxFileSize": 52428800, // 50 * 1024 * 1024 "importMaxFileSize": 52428800, // 50 * 1024 * 1024
/* /*
* From Etherpad 1.8.3 onwards import was restricted to authors who had * From Etherpad 1.8.5 onwards, when Etherpad is in production mode commits from individual users are rate limited
* content within the pad.
*
* This setting will override that restriction and allow any user to import
* without the requirement to add content to a pad.
*
* This setting is useful for when you use a plugin for authentication so you
* can already trust each user.
*/
"allowAnyoneToImport": false,
/*
* From Etherpad 1.9.0 onwards, when Etherpad is in production mode commits from individual users are rate limited
* *
* The default is to allow at most 10 changes per IP in a 1 second window. * The default is to allow at most 10 changes per IP in a 1 second window.
* After that the change is rejected. * After that the change is rejected.
@ -433,7 +483,7 @@
// duration of the rate limit window (seconds) // duration of the rate limit window (seconds)
"duration": 1, "duration": 1,
// maximum number of chanes per IP to allow during the rate limit window // maximum number of changes per IP to allow during the rate limit window
"points": 10 "points": 10
}, },
@ -530,5 +580,7 @@
}, // logconfig }, // logconfig
/* Override any strings found in locale directories */ /* Override any strings found in locale directories */
"customLocaleStrings": {} "customLocaleStrings": {},
}
/* Disable Admin UI tests */
"enableAdminUITests": false