2017-02-02 20:22:09 +01:00
|
|
|
# vim:set sw=4 ts=4 sts=4 ft=perl expandtab:
|
|
|
|
{
|
|
|
|
####################
|
|
|
|
# Hypnotoad settings
|
|
|
|
####################
|
|
|
|
# see http://mojolicio.us/perldoc/Mojo/Server/Hypnotoad for a full list of settings
|
|
|
|
hypnotoad => {
|
|
|
|
# array of IP addresses and ports you want to listen to
|
|
|
|
listen => ['http://127.0.0.1:__PORT__'],
|
|
|
|
# if you use Lstu behind a reverse proxy like Nginx, you want to set proxy to 1
|
|
|
|
# if you use Lstu directly, let it commented
|
|
|
|
#proxy => 1,
|
|
|
|
},
|
|
|
|
|
|
|
|
# put a way to contact you here and uncomment it
|
|
|
|
# MANDATORY
|
|
|
|
contact => 'webmaster@__DOMAIN__',
|
|
|
|
|
|
|
|
# array of random strings used to encrypt cookies
|
|
|
|
# optional, default is ['fdjsofjoihrei'], PLEASE, CHANGE IT
|
|
|
|
secrets => ['__SECRET__'],
|
|
|
|
|
|
|
|
# secret passphrase to access some admin features
|
|
|
|
# If you don't want to have a plain text password in configuration,
|
|
|
|
# use hashed_adminpwd instead
|
|
|
|
# optional, but you won't have access to admin /stats if not set and if hashed_adminpwd is not set either
|
|
|
|
#adminpwd => 's3cr3T',
|
|
|
|
|
|
|
|
# secret hashed passphrase to access some admin features
|
|
|
|
# Hash your password by issuing `echo -n s3cr3T | sha256sum` on your terminal
|
|
|
|
# optional, but you won't have access to admin /stats if not set and if adminpwd is not set either
|
2019-02-14 23:41:28 +01:00
|
|
|
hashed_adminpwd => '__PASSWORD_HASHED__',
|
2017-02-02 20:22:09 +01:00
|
|
|
|
|
|
|
# choose a theme. See the available themes in `themes` directory
|
|
|
|
# optional, default is 'default'
|
2019-02-14 23:39:36 +01:00
|
|
|
theme => '__SELECTED_THEME__', # default or milligram
|
2017-02-02 20:22:09 +01:00
|
|
|
|
|
|
|
# number of URLs to be displayed per page in /stats
|
|
|
|
# optional, default is 10
|
|
|
|
page_offset => 10,
|
|
|
|
|
|
|
|
# length of the random URL
|
|
|
|
# optional, default is 8
|
|
|
|
length => 8,
|
|
|
|
|
|
|
|
# how many URLs will be provisioned in a batch ?
|
|
|
|
# optional, default is 5
|
|
|
|
#provis_step => 5,
|
|
|
|
|
|
|
|
# max number of URLs to be provisioned
|
|
|
|
# optional, default is 100
|
|
|
|
#provisioning => 100,
|
|
|
|
|
|
|
|
# URL sub-directory in which you want Lstu to be accessible
|
|
|
|
# example: you want to have Lstu under https://example.org/lstu/
|
|
|
|
# => set prefix to '/lstu' or to '/lstu/', it doesn't matter
|
|
|
|
# optional, defaut is /
|
|
|
|
prefix => '__PATH__',
|
|
|
|
|
|
|
|
# array of authorized domains for API calls.
|
|
|
|
# if you want to authorize everyone to use the API: ['*']
|
|
|
|
# optional, no domains allowed by default
|
|
|
|
#allowed_domains => ['http://1.example.com', 'http://2.example.com'],
|
|
|
|
|
|
|
|
# if set, the shortened URLs will use this domain
|
|
|
|
# optional
|
|
|
|
#fixed_domain => 'example.org',
|
|
|
|
|
2017-04-21 12:54:39 +02:00
|
|
|
# choose what database you want to use
|
2018-11-04 11:00:11 +01:00
|
|
|
# valid choices are sqlite, postgresql and mysql (all lowercase)
|
2017-04-21 12:54:39 +02:00
|
|
|
# optional, default is sqlite
|
2018-11-04 11:00:11 +01:00
|
|
|
dbtype => 'postgresql',
|
2017-04-21 12:54:39 +02:00
|
|
|
|
|
|
|
# SQLite ONLY - only used if dbtype is set to sqlite
|
2017-02-02 20:22:09 +01:00
|
|
|
# define a path to the SQLite database
|
|
|
|
# you can define it relative to lstu directory or set an absolute path
|
|
|
|
# remember that it has to be in a directory writable by Lstu user
|
|
|
|
# optional, default is lstu.db
|
|
|
|
#db_path => 'lstu.db',
|
|
|
|
|
2017-04-21 12:54:39 +02:00
|
|
|
# PostgreSQL ONLY - only used if dbtype is set to postgresql
|
|
|
|
# these are the credentials to access the PostgreSQL database
|
|
|
|
# mandatory if you choosed postgresql as dbtype
|
2018-11-04 11:00:11 +01:00
|
|
|
pgdb => {
|
|
|
|
database => '__DB_NAME__',
|
|
|
|
host => 'localhost',
|
|
|
|
# optional, default is 5432
|
|
|
|
#port => 5432,
|
|
|
|
user => '__DB_USER__',
|
|
|
|
pwd => '__DB_PWD__',
|
|
|
|
# optional, default is 1
|
|
|
|
#max_connections => 1,
|
|
|
|
},
|
|
|
|
|
|
|
|
# MySQL ONLY - only used if dbtype is set to mysql
|
|
|
|
# these are the credentials to access the MySQL database
|
|
|
|
# mandatory if you choosed mysql as dbtype
|
|
|
|
#mysqldb => {
|
2017-04-21 12:54:39 +02:00
|
|
|
# database => 'lstu',
|
|
|
|
# host => 'localhost',
|
2018-11-04 11:00:11 +01:00
|
|
|
# # optional, default is 3306
|
|
|
|
# #port => 3306,
|
|
|
|
# user => 'DBUSER',
|
|
|
|
# pwd => 'DBPASSWORD',
|
|
|
|
# # optional, default is 5 (set to 0 to disable persistent connections)
|
|
|
|
# #max_connections => 5,
|
2017-04-21 12:54:39 +02:00
|
|
|
#},
|
|
|
|
|
2017-02-02 20:22:09 +01:00
|
|
|
# Rate-limiting for the API
|
|
|
|
# After ban_min_strike requests in a second, the IP address will be
|
|
|
|
# banned for one hour.
|
|
|
|
# If it continues to query the API during this ban time at least
|
|
|
|
# ban_min_strike times, it will be banned for a month.
|
|
|
|
# optional, default is 3
|
|
|
|
ban_min_strike => 3,
|
|
|
|
|
2017-04-21 12:54:39 +02:00
|
|
|
# Ban whitelist
|
|
|
|
# You can whitelist IP addresses to prevent you from being banned
|
|
|
|
# Be careful, the IP addresses are compared as string, not as IP addresses
|
|
|
|
# a network range will not work
|
|
|
|
# Example of valid input: ban_whitelist => ['198.51.100.42', '2001:0DB8::42'],¬
|
|
|
|
# optional, default is an empty array
|
|
|
|
#ban_whitelist => [],
|
|
|
|
|
2018-11-04 11:00:11 +01:00
|
|
|
# Ban blacklist
|
|
|
|
# You can blacklist IP addresses to always ban those IP addresses
|
|
|
|
# Be careful, the IP addresses are compared as string, not as IP addresses
|
|
|
|
# a network range will not work
|
|
|
|
# Example of valid input: ban_blacklist => ['198.51.100.42', '2001:0DB8::42'],¬
|
|
|
|
# optional, default is an empty array
|
|
|
|
#ban_blacklist => [],
|
|
|
|
|
2017-02-02 20:22:09 +01:00
|
|
|
# define an URL to the Piwik instance and the ID of a website to track
|
|
|
|
# set if you want to track views in Piwik
|
|
|
|
# optional, Piwik tracking is disabled by default
|
|
|
|
#piwik => {
|
|
|
|
# url => 'http://piwik.example.com',
|
|
|
|
# idsite => '1',
|
|
|
|
#},
|
|
|
|
|
|
|
|
# use Minion instead of directly increase counters
|
|
|
|
# need to launch a minion worker service if enabled
|
|
|
|
# optional, Minion is disabled by default
|
2018-11-04 11:00:11 +01:00
|
|
|
# It will use the same DB type as Lstu: sqlite if you choose sqlite for `dbtype`,
|
|
|
|
# postgresql for postgresql, etc.
|
2017-02-02 20:22:09 +01:00
|
|
|
#minion => {
|
|
|
|
# enabled => 0,
|
2018-11-04 11:00:11 +01:00
|
|
|
# # SQLite ONLY - only used if if you choose sqlite as DB type,
|
|
|
|
# # define the path to the minion database
|
|
|
|
# # you can define it relative to lstu directory or set an absolute path
|
|
|
|
# # remember that it has to be in a directory writable by Lutim user
|
|
|
|
# # optional, default is minion.db
|
|
|
|
# db_path => 'minion.db',
|
|
|
|
# # PostgreSQL ONLY - only used if you choose postgresql as DB type
|
|
|
|
# # these are the credentials to access the Minion's PostgreSQL database
|
|
|
|
# # mandatory if you choosed postgresql as DB type, no default
|
|
|
|
# pgdb => {
|
|
|
|
# database => 'lstu_minion',
|
|
|
|
# host => 'localhost',
|
|
|
|
# # optional, default is 5432
|
|
|
|
# #port => 5432,
|
|
|
|
# user => 'DBUSER',
|
|
|
|
# pwd => 'DBPASSWORD'
|
|
|
|
# },
|
|
|
|
# # MySQL ONLY - only used if you choose mysql as DB type
|
|
|
|
# # these are the credentials to access the Minion's MySQL database
|
|
|
|
# # mandatory if you choosed mysql as DB type, no default
|
|
|
|
# mysqldb => {
|
|
|
|
# database => 'lstu_minion',
|
|
|
|
# host => 'localhost',
|
|
|
|
# # optional, default is 3306
|
|
|
|
# #port => 3306,
|
|
|
|
# user => 'DBUSER',
|
|
|
|
# pwd => 'DBPASSWORD',
|
|
|
|
# },
|
2017-02-02 20:22:09 +01:00
|
|
|
#},
|
|
|
|
|
|
|
|
# set `ldap` if you want that only authenticated users can shorten URLs
|
|
|
|
# please note that everybody can still use shortend URLs
|
|
|
|
# optional, no default
|
2019-02-15 15:02:34 +01:00
|
|
|
__IS_PUBLIC__ldap => {
|
|
|
|
__IS_PUBLIC__ uri => 'ldap://localhost:389', # server URI
|
|
|
|
__IS_PUBLIC__ user_tree => 'dc=yunohost,dc=org', # search base DN
|
|
|
|
__IS_PUBLIC__ bind_dn => 'ou=users,dc=yunohost,dc=org', # search bind DN
|
|
|
|
__IS_PUBLIC__# bind_pwd => '', # search bind password
|
|
|
|
__IS_PUBLIC__ user_attr => 'uid', # user attribute (uid, mail, sAMAccountName, etc.)
|
|
|
|
__IS_PUBLIC__# user_filter => '(!(uid=ldap_user))', # user filter (to exclude some users, etc.)
|
|
|
|
__IS_PUBLIC__},
|
2017-02-02 20:22:09 +01:00
|
|
|
|
|
|
|
# set `htpasswd` if you want to use an htpasswd file instead of ldap
|
|
|
|
# create the file with `htpasswd -c lstu.passwd user`, update it with `htpasswd lstu.passwd user2`
|
|
|
|
# make sure that lstu can read the file!
|
|
|
|
# optional, no default
|
|
|
|
#htpasswd => 'lstu.passwd',
|
|
|
|
|
|
|
|
# if you've set ldap or htpasswd above, the session will last `session_duration` seconds before
|
|
|
|
# the user needs to reauthenticate
|
|
|
|
# optional, default is 3600
|
|
|
|
#session_duration => 3600,
|
2018-11-04 11:00:11 +01:00
|
|
|
|
|
|
|
# how many redirections are allowed for the shortened URL before considering it as a spam?
|
|
|
|
# optional, default is 2. Set to -1 to allow infinite redirections (not recommended)
|
|
|
|
#max_redir => 2,
|
|
|
|
|
|
|
|
# spam blacklist regex. All URLs (or redirection) whose host part matches this regex are considered as spam
|
|
|
|
# optional, no default
|
|
|
|
#spam_blacklist_regex => 'foo|bar',
|
|
|
|
|
|
|
|
# spam path blacklist regex. All URLs (or redirection) whose path part matches this regex are considered as spam
|
|
|
|
# optional, no default
|
|
|
|
#spam_path_blacklist_regex => 'foo|bar',
|
|
|
|
|
|
|
|
# spam whitelist regex. All URLs (or redirection) whose host part matches this regex will never be considered as spam
|
|
|
|
# optional, no default
|
|
|
|
#spam_whitelist_regex => 'foo|bar',
|
|
|
|
|
|
|
|
# set to 1 to skip SpamHaus check (not recommended)
|
|
|
|
# optional, default is 0
|
|
|
|
#skip_spamhaus => 0,
|
|
|
|
|
|
|
|
# put your Google API key to enable Google safebrowsing check
|
|
|
|
# This will allow Lstu to download the Google safebrowsing database and use a local copy to check the URLs.
|
|
|
|
# Google does not get the URLs that are checked.
|
|
|
|
# Instructions to get a key: https://developers.google.com/safe-browsing/v4/get-started
|
|
|
|
# TL;DR: https://console.developers.google.com/projectselector/apis/library
|
|
|
|
# optional, no default
|
|
|
|
#safebrowsing_api_key => '',
|
|
|
|
|
|
|
|
# array of memcached servers to cache URL in order to accelerate responses to often-viewed URL.
|
|
|
|
# If set to [], the cache is disabled
|
|
|
|
# optional, default is []
|
|
|
|
#memcached_servers => [],
|
|
|
|
|
|
|
|
# Content-Security-Policy header that will be sent by Lstu
|
|
|
|
# Set to '' to disable CSP header
|
|
|
|
# https://content-security-policy.com/ provides a good documentation about CSP.
|
|
|
|
# https://report-uri.com/home/generate provides a tool to generate a CSP header.
|
|
|
|
# optional, default is "default-src 'none'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self'; form-action 'self'; base-uri 'self'"
|
|
|
|
# the default value is good for `default` and `milligram` themes
|
|
|
|
#csp => "default-src 'none'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self'; form-action 'self'; base-uri 'self'",
|
|
|
|
|
|
|
|
# X-Frame-Options header that will be sent by Lstu
|
|
|
|
# Valid values are: 'DENY', 'SAMEORIGIN', 'ALLOW-FROM https://example.com/'
|
|
|
|
# Set to '' to disable X-Frame-Options header
|
|
|
|
# See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
|
|
|
|
# Please note that this will add a "frame-ancestors" directive to the CSP header (see above) accordingly
|
|
|
|
# to the chosen setting (See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors)
|
|
|
|
# optional, default is 'DENY'
|
|
|
|
#x_frame_options => 'DENY',
|
|
|
|
|
|
|
|
# X-Content-Type-Options that will be sent by Lstu
|
|
|
|
# See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
|
|
|
|
# Set to '' to disable X-Content-Type-Options header
|
|
|
|
# optional, default is 'nosniff'
|
|
|
|
#x_content_type_options => 'nosniff',
|
|
|
|
|
|
|
|
# X-XSS-Protection that will be sent by Lstu
|
|
|
|
# See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
|
|
|
|
# Set to '' to disable X-XSS-Protection header
|
|
|
|
# optional, default is '1; mode=block'
|
|
|
|
#x_xss_protection => '1; mode=block',
|
|
|
|
|
|
|
|
# Log creator's IP address
|
|
|
|
# Set to 1 if you want to register the IP addresses of URL creators
|
|
|
|
# optional, default is 0
|
|
|
|
#log_creator_ip => 0,
|
2017-02-02 20:22:09 +01:00
|
|
|
};
|
2018-11-04 11:00:11 +01:00
|
|
|
|