mirror of
https://github.com/YunoHost-Apps/lstu_ynh.git
synced 2024-09-03 19:36:12 +02:00
Update lstu.conf.template
This commit is contained in:
parent
328c1d92aa
commit
f8da5b64ec
1 changed files with 117 additions and 16 deletions
|
@ -9,12 +9,12 @@
|
|||
listen => ['http://127.0.0.1:__PORT__'],
|
||||
# if you use Lstu behind a reverse proxy like Nginx, you want to set proxy to 1
|
||||
# if you use Lstu directly, let it commented
|
||||
#proxy => 1,
|
||||
proxy => 1,
|
||||
},
|
||||
|
||||
# put a way to contact you here and uncomment it
|
||||
# MANDATORY
|
||||
contact => 'webmaster@__DOMAIN__',
|
||||
contact => 'webmaster[at]__DOMAIN__',
|
||||
|
||||
# array of random strings used to encrypt cookies
|
||||
# optional, default is ['fdjsofjoihrei'], PLEASE, CHANGE IT
|
||||
|
@ -24,12 +24,12 @@
|
|||
# If you don't want to have a plain text password in configuration,
|
||||
# use hashed_adminpwd instead
|
||||
# optional, but you won't have access to admin /stats if not set and if hashed_adminpwd is not set either
|
||||
#adminpwd => 's3cr3T',
|
||||
adminpwd => '__ADMINPASS__',
|
||||
|
||||
# secret hashed passphrase to access some admin features
|
||||
# Hash your password by issuing `echo -n s3cr3T | sha256sum` on your terminal
|
||||
# optional, but you won't have access to admin /stats if not set and if adminpwd is not set either
|
||||
#hashed_adminpwd => '94b2feede6ea5e2eec62f457ecb7d3f719b24d19c29d4e5466246a31908fc23b',
|
||||
hashed_adminpwd => '__ADMINHASH__',
|
||||
|
||||
# choose a theme. See the available themes in `themes` directory
|
||||
# optional, default is 'default'
|
||||
|
@ -67,9 +67,9 @@
|
|||
#fixed_domain => 'example.org',
|
||||
|
||||
# choose what database you want to use
|
||||
# valid choices are sqlite and postgresql (all lowercase)
|
||||
# valid choices are sqlite, postgresql and mysql (all lowercase)
|
||||
# optional, default is sqlite
|
||||
#dbtype => 'sqlite',
|
||||
dbtype => 'mysql',
|
||||
|
||||
# SQLite ONLY - only used if dbtype is set to sqlite
|
||||
# define a path to the SQLite database
|
||||
|
@ -84,8 +84,26 @@
|
|||
#pgdb => {
|
||||
# database => 'lstu',
|
||||
# host => 'localhost',
|
||||
# #user => 'DBUSER',
|
||||
# #pwd => 'DBPASSWORD'
|
||||
# # optional, default is 5432
|
||||
# #port => 5432,
|
||||
# user => 'DBUSER',
|
||||
# pwd => 'DBPASSWORD',
|
||||
# # optional, default is 1
|
||||
# #max_connections => 1,
|
||||
#},
|
||||
|
||||
# MySQL ONLY - only used if dbtype is set to mysql
|
||||
# these are the credentials to access the MySQL database
|
||||
# mandatory if you choosed mysql as dbtype
|
||||
mysqldb => {
|
||||
database => '__DBNAME__',
|
||||
host => 'localhost',
|
||||
# optional, default is 3306
|
||||
#port => 3306,
|
||||
user => '__DBUSER__',
|
||||
pwd => '__DBPASS__',
|
||||
# optional, default is 5 (set to 0 to disable persistent connections)
|
||||
#max_connections => 5,
|
||||
#},
|
||||
|
||||
# Rate-limiting for the API
|
||||
|
@ -115,21 +133,50 @@
|
|||
# use Minion instead of directly increase counters
|
||||
# need to launch a minion worker service if enabled
|
||||
# optional, Minion is disabled by default
|
||||
# It will use the same DB type as Lstu: sqlite if you choose sqlite for `dbtype`,
|
||||
# postgresql for postgresql, etc.
|
||||
#minion => {
|
||||
# enabled => 0,
|
||||
# db_path => 'minion.db' # you can define it relative to lstu directory or set an absolute path
|
||||
# # SQLite ONLY - only used if if you choose sqlite as DB type,
|
||||
# # define the path to the minion database
|
||||
# # you can define it relative to lstu directory or set an absolute path
|
||||
# # remember that it has to be in a directory writable by Lutim user
|
||||
# # optional, default is minion.db
|
||||
# db_path => 'minion.db',
|
||||
# # PostgreSQL ONLY - only used if you choose postgresql as DB type
|
||||
# # these are the credentials to access the Minion's PostgreSQL database
|
||||
# # mandatory if you choosed postgresql as DB type, no default
|
||||
# pgdb => {
|
||||
# database => 'lstu_minion',
|
||||
# host => 'localhost',
|
||||
# # optional, default is 5432
|
||||
# #port => 5432,
|
||||
# user => 'DBUSER',
|
||||
# pwd => 'DBPASSWORD'
|
||||
# },
|
||||
# # MySQL ONLY - only used if you choose mysql as DB type
|
||||
# # these are the credentials to access the Minion's MySQL database
|
||||
# # mandatory if you choosed mysql as DB type, no default
|
||||
# mysqldb => {
|
||||
# database => 'lstu_minion',
|
||||
# host => 'localhost',
|
||||
# # optional, default is 3306
|
||||
# #port => 3306,
|
||||
# user => 'DBUSER',
|
||||
# pwd => 'DBPASSWORD',
|
||||
# },
|
||||
#},
|
||||
|
||||
# set `ldap` if you want that only authenticated users can shorten URLs
|
||||
# please note that everybody can still use shortend URLs
|
||||
# optional, no default
|
||||
#ldap => {
|
||||
# uri => 'ldaps://ldap.example.org',
|
||||
# user_tree => 'ou=users,dc=example,dc=org',
|
||||
# bind_dn => ',ou=users,dc=example,dc=org',
|
||||
# bind_user => 'uid=ldap_user',
|
||||
# bind_pwd => 'secr3t',
|
||||
# user_filter => '!(uid=ldap_user)'
|
||||
# uri => 'ldaps://ldap.example.org', # server URI
|
||||
# user_tree => 'ou=users,dc=example,dc=org', # search base DN
|
||||
# bind_dn => 'uid=ldap_user,ou=users,dc=example,dc=org', # search bind DN
|
||||
# bind_pwd => 'secr3t', # search bind password
|
||||
# user_attr => 'uid', # user attribute (uid, mail, sAMAccountName, etc.)
|
||||
# user_filter => '(!(uid=ldap_user))', # user filter (to exclude some users, etc.)
|
||||
#},
|
||||
|
||||
# set `htpasswd` if you want to use an htpasswd file instead of ldap
|
||||
|
@ -142,4 +189,58 @@
|
|||
# the user needs to reauthenticate
|
||||
# optional, default is 3600
|
||||
#session_duration => 3600,
|
||||
|
||||
# how many redirections are allowed for the shortened URL before considering it as a spam?
|
||||
# optional, default is 2. Set to -1 to allow infinite redirections (not recommended)
|
||||
#max_redir => 2,
|
||||
|
||||
# spam blacklist regex. All URLs (or redirection) whose host part matches this regex are considered as spam
|
||||
# optional, no default
|
||||
#spam_blacklist_regex => 'foo|bar',
|
||||
|
||||
# spam path blacklist regex. All URLs (or redirection) whose path part matches this regex are considered as spam
|
||||
# optional, no default
|
||||
#spam_path_blacklist_regex => 'foo|bar',
|
||||
|
||||
# spam whitelist regex. All URLs (or redirection) whose host part matches this regex will never be considered as spam
|
||||
# optional, no default
|
||||
#spam_whitelist_regex => 'foo|bar',
|
||||
|
||||
# set to 1 to skip SpamHaus check (not recommended)
|
||||
# optional, default is 0
|
||||
#skip_spamhaus => 0,
|
||||
|
||||
# array of memcached servers to cache URL in order to accelerate responses to often-viewed URL.
|
||||
# If set to [], the cache is disabled
|
||||
# optional, default is []
|
||||
#memcached_servers => [],
|
||||
|
||||
# Content-Security-Policy header that will be sent by Lstu
|
||||
# Set to '' to disable CSP header
|
||||
# https://content-security-policy.com/ provides a good documentation about CSP.
|
||||
# https://report-uri.com/home/generate provides a tool to generate a CSP header.
|
||||
# optional, default is "default-src 'none'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self'; form-action 'self'; base-uri 'self'"
|
||||
# the default value is good for `default` and `milligram` themes
|
||||
csp => "default-src 'none'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self'; form-action 'self'; base-uri 'self'",
|
||||
|
||||
# X-Frame-Options header that will be sent by Lstu
|
||||
# Valid values are: 'DENY', 'SAMEORIGIN', 'ALLOW-FROM https://example.com/'
|
||||
# Set to '' to disable X-Frame-Options header
|
||||
# See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
|
||||
# Please note that this will add a "frame-ancestors" directive to the CSP header (see above) accordingly
|
||||
# to the chosen setting (See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors)
|
||||
# optional, default is 'DENY'
|
||||
x_frame_options => 'DENY',
|
||||
|
||||
# X-Content-Type-Options that will be sent by Lstu
|
||||
# See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
|
||||
# Set to '' to disable X-Content-Type-Options header
|
||||
# optional, default is 'nosniff'
|
||||
x_content_type_options => 'nosniff',
|
||||
|
||||
# X-XSS-Protection that will be sent by Lstu
|
||||
# See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
|
||||
# Set to '' to disable X-XSS-Protection header
|
||||
# optional, default is '1; mode=block'
|
||||
x_xss_protection => '1; mode=block',
|
||||
};
|
||||
|
|
Loading…
Add table
Reference in a new issue