mirror of
https://github.com/YunoHost-Apps/thelounge_ynh.git
synced 2024-09-03 20:35:54 +02:00
commit
e042f453d9
2 changed files with 318 additions and 300 deletions
613
conf/config.js
613
conf/config.js
|
@ -1,416 +1,431 @@
|
||||||
"use strict";
|
"use strict";
|
||||||
|
|
||||||
module.exports = {
|
module.exports = {
|
||||||
|
// ## Server settings
|
||||||
|
|
||||||
|
// ### `public`
|
||||||
//
|
//
|
||||||
// Set the server mode.
|
// When set to `true`, The Lounge starts in public mode. When set to `false`,
|
||||||
// Public servers does not require authentication.
|
// it starts in private mode.
|
||||||
//
|
//
|
||||||
// Set to 'false' to enable users.
|
// - A **public server** does not require authentication. Anyone can connect
|
||||||
//
|
// to IRC networks in this mode. All IRC connections and channel
|
||||||
// @type boolean
|
// scrollbacks are lost when a user leaves the client.
|
||||||
// @default false
|
// - A **private server** requires users to log in. Their IRC connections are
|
||||||
|
// kept even when they are not using or logged in to the client. All joined
|
||||||
|
// channels and scrollbacks are available when they come back.
|
||||||
//
|
//
|
||||||
|
// This value is set to `false` by default.
|
||||||
public: false,
|
public: false,
|
||||||
|
|
||||||
|
// ### `host`
|
||||||
//
|
//
|
||||||
// IP address or hostname for the web server to listen on.
|
// IP address or hostname for the web server to listen to. For example, set it
|
||||||
// Setting this to undefined will listen on all interfaces.
|
// to `"127.0.0.1"` to accept connections from localhost only.
|
||||||
//
|
//
|
||||||
// For UNIX domain sockets, use unix:/absolute/path/to/file.sock.
|
// For UNIX domain sockets, use `"unix:/absolute/path/to/file.sock"`.
|
||||||
//
|
|
||||||
// @type string
|
|
||||||
// @default undefined
|
|
||||||
//
|
//
|
||||||
|
// This value is set to `undefined` by default to listen on all interfaces.
|
||||||
host: undefined,
|
host: undefined,
|
||||||
|
|
||||||
|
// ### `port`
|
||||||
//
|
//
|
||||||
// Set the port to listen on.
|
// Set the port to listen to.
|
||||||
//
|
|
||||||
// @type int
|
|
||||||
// @default 9000
|
|
||||||
//
|
//
|
||||||
|
// This value is set to `9000` by default.
|
||||||
port: __PORT__,
|
port: __PORT__,
|
||||||
|
|
||||||
|
// ### `bind`
|
||||||
//
|
//
|
||||||
// Set the local IP to bind to for outgoing connections. Leave to undefined
|
// Set the local IP to bind to for outgoing connections.
|
||||||
// to let the operating system pick its preferred one.
|
|
||||||
//
|
|
||||||
// @type string
|
|
||||||
// @default undefined
|
|
||||||
//
|
//
|
||||||
|
// This value is set to `undefined` by default to let the operating system
|
||||||
|
// pick its preferred one.
|
||||||
bind: undefined,
|
bind: undefined,
|
||||||
|
|
||||||
|
// ### `reverseProxy`
|
||||||
//
|
//
|
||||||
// Sets whether the server is behind a reverse proxy and should honor the
|
// When set to `true`, The Lounge is marked as served behind a reverse proxy
|
||||||
// X-Forwarded-For header or not.
|
// and will honor the `X-Forwarded-For` header.
|
||||||
//
|
|
||||||
// @type boolean
|
|
||||||
// @default false
|
|
||||||
//
|
//
|
||||||
|
// This value is set to `false` by default.
|
||||||
reverseProxy: true,
|
reverseProxy: true,
|
||||||
|
|
||||||
|
// ### `maxHistory`
|
||||||
//
|
//
|
||||||
// Set the default theme.
|
// Defines the maximum number of history lines that will be kept in memory per
|
||||||
// Find out how to add new themes at https://thelounge.github.io/docs/plugins/themes.html
|
// channel/query, in order to reduce the memory usage of the server. Setting
|
||||||
|
// this to `-1` will keep unlimited amount.
|
||||||
//
|
//
|
||||||
// @type string
|
// This value is set to `10000` by default.
|
||||||
// @default "example"
|
maxHistory: 10000,
|
||||||
//
|
|
||||||
// theme: "example",
|
|
||||||
|
|
||||||
|
// ### `https`
|
||||||
//
|
//
|
||||||
// Prefetch URLs
|
// These settings are used to run The Lounge's web server using encrypted TLS.
|
||||||
//
|
//
|
||||||
// If enabled, The Lounge will try to load thumbnails and site descriptions from
|
// If you want more control over the webserver,
|
||||||
// URLs posted in channels.
|
// [use a reverse proxy instead](https://thelounge.chat/docs/guides/reverse-proxies).
|
||||||
//
|
//
|
||||||
// @type boolean
|
// The available keys for the `https` object are:
|
||||||
// @default false
|
|
||||||
//
|
//
|
||||||
|
// - `enable`: when set to `false`, HTTPS support is disabled
|
||||||
|
// and all other values are ignored.
|
||||||
|
// - `key`: Path to the private key file.
|
||||||
|
// - `certificate`: Path to the certificate.
|
||||||
|
// - `ca`: Path to the CA bundle.
|
||||||
|
//
|
||||||
|
// The value of `enable` is set to `false` to disable HTTPS by default, in
|
||||||
|
// which case the other two string settings are ignored.
|
||||||
|
https: {
|
||||||
|
enable: false,
|
||||||
|
key: "",
|
||||||
|
certificate: "",
|
||||||
|
ca: "",
|
||||||
|
},
|
||||||
|
|
||||||
|
// ## Client settings
|
||||||
|
|
||||||
|
// ### `theme`
|
||||||
|
//
|
||||||
|
// Set the default theme to serve to new users. They will be able to select a
|
||||||
|
// different one in their client settings among those available.
|
||||||
|
//
|
||||||
|
// The Lounge ships with two themes (`default` and `morning`) and can be
|
||||||
|
// extended by installing more themes. Read more about how to manage them
|
||||||
|
// [here](https://thelounge.chat/docs/guides/theme-creation).
|
||||||
|
//
|
||||||
|
// This value needs to be the package name and not the display name. For
|
||||||
|
// example, the value for Morning would be `morning`, and the value for
|
||||||
|
// Solarized would be `thelounge-theme-solarized`.
|
||||||
|
//
|
||||||
|
// This value is set to `"default"` by default.
|
||||||
|
theme: "default",
|
||||||
|
|
||||||
|
// ### `prefetch`
|
||||||
|
//
|
||||||
|
// When set to `true`, The Lounge will load thumbnails and site descriptions
|
||||||
|
// from URLs posted in channels and private messages.
|
||||||
|
//
|
||||||
|
// This value is set to `false` by default.
|
||||||
prefetch: true,
|
prefetch: true,
|
||||||
|
|
||||||
|
// ### `disableMediaPreview`
|
||||||
//
|
//
|
||||||
// Store and proxy prefetched images and thumbnails.
|
// When set to `true`, The Lounge will not preview media (images, video and
|
||||||
// This improves security and privacy by not exposing client IP address,
|
// audio) hosted on third-party sites. This ensures the client does not
|
||||||
// and always loading images from The Lounge instance and making all assets secure,
|
// make any requests to external sites. If `prefetchStorage` is enabled,
|
||||||
// which in result fixes mixed content warnings.
|
// images proxied via the The Lounge will be previewed.
|
||||||
|
//
|
||||||
|
// This has no effect if `prefetch` is set to `false`.
|
||||||
|
//
|
||||||
|
// This value is set to `false` by default.
|
||||||
|
disableMediaPreview: false,
|
||||||
|
|
||||||
|
// ### `prefetchStorage`
|
||||||
|
|
||||||
|
// When set to `true`, The Lounge will store and proxy prefetched images and
|
||||||
|
// thumbnails on the filesystem rather than directly display the content at
|
||||||
|
// the original URLs.
|
||||||
|
//
|
||||||
|
// This option primarily exists to resolve mixed content warnings by not
|
||||||
|
// loading images from http hosts. This option does not work for video
|
||||||
|
// or audio as The Lounge will only load these from https hosts.
|
||||||
//
|
//
|
||||||
// If storage is enabled, The Lounge will fetch and store images and thumbnails
|
// If storage is enabled, The Lounge will fetch and store images and thumbnails
|
||||||
// in the `${THELOUNGE_HOME}/storage` folder.
|
// in the `${THELOUNGE_HOME}/storage` folder.
|
||||||
//
|
//
|
||||||
// Images are deleted when they are no longer referenced by any message (controlled by maxHistory),
|
// Images are deleted when they are no longer referenced by any message
|
||||||
// and the folder is cleaned up on every The Lounge restart.
|
// (controlled by `maxHistory`), and the folder is cleaned up when The Lounge
|
||||||
//
|
// restarts.
|
||||||
// @type boolean
|
|
||||||
// @default false
|
|
||||||
//
|
//
|
||||||
|
// This value is set to `false` by default.
|
||||||
prefetchStorage: true,
|
prefetchStorage: true,
|
||||||
|
|
||||||
|
// ### `prefetchMaxImageSize`
|
||||||
//
|
//
|
||||||
// Prefetch URLs Image Preview size limit
|
// When `prefetch` is enabled, images will only be displayed if their file
|
||||||
//
|
// size does not exceed this limit.
|
||||||
// If prefetch is enabled, The Lounge will only display content under the maximum size.
|
|
||||||
// Specified value is in kilobytes. Default value is 2048 kilobytes.
|
|
||||||
//
|
|
||||||
// @type int
|
|
||||||
// @default 2048
|
|
||||||
//
|
//
|
||||||
|
// This value is set to `2048` kilobytes by default.
|
||||||
prefetchMaxImageSize: 2048,
|
prefetchMaxImageSize: 2048,
|
||||||
|
|
||||||
|
// ### `fileUpload`
|
||||||
//
|
//
|
||||||
// Lock network
|
// Allow uploading files to the server hosting The Lounge.
|
||||||
//
|
//
|
||||||
// If set to true, users will not be able to modify host, port and tls
|
// Files are stored in the `${THELOUNGE_HOME}/uploads` folder, do not expire,
|
||||||
// settings and will be limited to the configured network.
|
// and are not removed by The Lounge. This may cause issues depending on your
|
||||||
|
// hardware, for example in terms of disk usage.
|
||||||
//
|
//
|
||||||
// @type boolean
|
// The available keys for the `fileUpload` object are:
|
||||||
// @default false
|
|
||||||
//
|
//
|
||||||
lockNetwork: false,
|
// - `enable`: When set to `true`, files can be uploaded on the client with a
|
||||||
|
// drag-and-drop or using the upload dialog.
|
||||||
|
// - `maxFileSize`: When file upload is enabled, users sending files above
|
||||||
|
// this limit will be prompted with an error message in their browser. A value of
|
||||||
|
// `-1` disables the file size limit and allows files of any size. **Use at
|
||||||
|
// your own risk.** This value is set to `10240` kilobytes by default.
|
||||||
|
// - `baseUrl`: If you want change the URL where uploaded files are accessed,
|
||||||
|
// you can set this option to `"https://example.com/folder/"` and the final URL
|
||||||
|
// would look like `"https://example.com/folder/aabbccddeeff1234/name.png"`.
|
||||||
|
// If you use this option, you must have a reverse proxy configured,
|
||||||
|
// to correctly proxy the uploads URLs back to The Lounge.
|
||||||
|
// This value is set to `null` by default.
|
||||||
|
fileUpload: {
|
||||||
|
enable: false,
|
||||||
|
maxFileSize: 10240,
|
||||||
|
baseUrl: null,
|
||||||
|
},
|
||||||
|
|
||||||
|
// ### `transports`
|
||||||
//
|
//
|
||||||
// Hex IP
|
// Set `socket.io` transports.
|
||||||
//
|
//
|
||||||
// If enabled, clients' username will be set to their IP encoded has hex.
|
// This value is set to `["polling", "websocket"]` by default.
|
||||||
// This is done to share the real user IP address with the server for host masking purposes.
|
transports: ["polling", "websocket"],
|
||||||
//
|
|
||||||
// @type boolean
|
|
||||||
// @default false
|
|
||||||
//
|
|
||||||
useHexIp: false,
|
|
||||||
|
|
||||||
|
// ### `leaveMessage`
|
||||||
//
|
//
|
||||||
// WEBIRC support
|
// Set users' default `quit` and `part` messages if they are not providing
|
||||||
|
// one.
|
||||||
//
|
//
|
||||||
// If enabled, The Lounge will pass the connecting user's host and IP to the
|
// This value is set to `"The Lounge - https://thelounge.chat"` by
|
||||||
// IRC server. Note that this requires to obtain a password from the IRC network
|
// default.
|
||||||
// The Lounge will be connecting to and generally involves a lot of trust from the
|
leaveMessage: "The Lounge - https://thelounge.chat",
|
||||||
// network you are connecting to.
|
|
||||||
//
|
|
||||||
// Format (standard): {"irc.example.net": "hunter1", "irc.example.org": "passw0rd"}
|
|
||||||
// Format (function):
|
|
||||||
// {"irc.example.net": function(client, args, trusted) {
|
|
||||||
// // here, we return a webirc object fed directly to `irc-framework`
|
|
||||||
// return {username: "thelounge", password: "hunter1", address: args.ip, hostname: "webirc/"+args.hostname};
|
|
||||||
// }}
|
|
||||||
//
|
|
||||||
// @type string | function(client, args):object(webirc)
|
|
||||||
// @default null
|
|
||||||
webirc: null,
|
|
||||||
|
|
||||||
//
|
// ## Default network
|
||||||
// Message logging
|
|
||||||
// Logging is also controlled per user individually (logs variable)
|
|
||||||
// Leave the array empty to disable all logging globally
|
|
||||||
//
|
|
||||||
// text: Text file per network/channel in user folder
|
|
||||||
// sqlite: Messages are stored in SQLite, this allows them to be reloaded on server restart
|
|
||||||
//
|
|
||||||
// @type array
|
|
||||||
// @default ["sqlite", "text"]
|
|
||||||
//
|
|
||||||
messageStorage: ["sqlite"],
|
|
||||||
|
|
||||||
|
// ### `defaults`
|
||||||
//
|
//
|
||||||
// Maximum number of history lines per channel
|
// Specifies default network information that will be used as placeholder
|
||||||
|
// values in the *Connect* window.
|
||||||
//
|
//
|
||||||
// Defines the maximum number of history lines that will be kept in
|
// The available keys for the `defaults` object are:
|
||||||
// memory per channel/query, in order to reduce the memory usage of
|
|
||||||
// the server. Setting this to -1 will keep unlimited amount.
|
|
||||||
//
|
//
|
||||||
// @type integer
|
// - `name`: Name to display in the channel list of The Lounge. This value is
|
||||||
// @default 10000
|
// not forwarded to the IRC network.
|
||||||
maxHistory: 10000,
|
// - `host`: IP address or hostname of the IRC server.
|
||||||
|
// - `port`: Usually 6667 for unencrypted connections and 6697 for
|
||||||
|
// connections encrypted with TLS.
|
||||||
|
// - `password`: Connection password. If the server supports SASL capability,
|
||||||
|
// then this password will be used in SASL authentication.
|
||||||
|
// - `tls`: Enable TLS connections
|
||||||
|
// - `rejectUnauthorized`: Whether the server certificate should be verified
|
||||||
|
// against the list of supplied Certificate Authorities (CAs) by your
|
||||||
|
// Node.js installation.
|
||||||
|
// - `nick`: Nick name. Percent signs (`%`) will be replaced by random
|
||||||
|
// numbers from 0 to 9. For example, `Guest%%%` may become `Guest123`.
|
||||||
|
// - `username`: User name.
|
||||||
|
// - `realname`: Real name.
|
||||||
|
// - `join`: Comma-separated list of channels to auto-join once connected.
|
||||||
//
|
//
|
||||||
// Default values for the 'Connect' form.
|
// This value is set to connect to the official channel of The Lounge on
|
||||||
//
|
// Freenode by default:
|
||||||
// @type object
|
|
||||||
// @default {}
|
|
||||||
//
|
//
|
||||||
|
// ```js
|
||||||
|
// defaults: {
|
||||||
|
// name: "Freenode",
|
||||||
|
// host: "chat.freenode.net",
|
||||||
|
// port: 6697,
|
||||||
|
// password: "",
|
||||||
|
// tls: true,
|
||||||
|
// rejectUnauthorized: true,
|
||||||
|
// nick: "thelounge%%",
|
||||||
|
// username: "thelounge",
|
||||||
|
// realname: "The Lounge User",
|
||||||
|
// join: "#thelounge"
|
||||||
|
// }
|
||||||
|
// ```
|
||||||
defaults: {
|
defaults: {
|
||||||
//
|
|
||||||
// Name
|
|
||||||
//
|
|
||||||
// @type string
|
|
||||||
// @default "Freenode"
|
|
||||||
//
|
|
||||||
name: "Freenode",
|
name: "Freenode",
|
||||||
|
|
||||||
//
|
|
||||||
// Host
|
|
||||||
//
|
|
||||||
// @type string
|
|
||||||
// @default "chat.freenode.net"
|
|
||||||
//
|
|
||||||
host: "chat.freenode.net",
|
host: "chat.freenode.net",
|
||||||
|
|
||||||
//
|
|
||||||
// Port
|
|
||||||
//
|
|
||||||
// @type int
|
|
||||||
// @default 6697
|
|
||||||
//
|
|
||||||
port: 6697,
|
port: 6697,
|
||||||
|
|
||||||
//
|
|
||||||
// Password
|
|
||||||
//
|
|
||||||
// @type string
|
|
||||||
// @default ""
|
|
||||||
//
|
|
||||||
password: "",
|
password: "",
|
||||||
|
|
||||||
//
|
|
||||||
// Enable TLS/SSL
|
|
||||||
//
|
|
||||||
// @type boolean
|
|
||||||
// @default true
|
|
||||||
//
|
|
||||||
tls: true,
|
tls: true,
|
||||||
|
|
||||||
//
|
|
||||||
// Enable certificate verification
|
|
||||||
//
|
|
||||||
// If true, the server certificate is verified against
|
|
||||||
// the list of supplied CAs by your node.js installation.
|
|
||||||
//
|
|
||||||
// @type boolean
|
|
||||||
// @default true
|
|
||||||
//
|
|
||||||
rejectUnauthorized: true,
|
rejectUnauthorized: true,
|
||||||
|
|
||||||
//
|
|
||||||
// Nick
|
|
||||||
//
|
|
||||||
// Percent sign (%) will be replaced into a random number from 0 to 9.
|
|
||||||
// For example, Guest%%% will become Guest123 on page load.
|
|
||||||
//
|
|
||||||
// @type string
|
|
||||||
// @default "thelounge%%"
|
|
||||||
//
|
|
||||||
nick: "ynhuser|%%%%%",
|
nick: "ynhuser|%%%%%",
|
||||||
|
|
||||||
//
|
|
||||||
// Username
|
|
||||||
//
|
|
||||||
// @type string
|
|
||||||
// @default "thelounge"
|
|
||||||
//
|
|
||||||
username: "thelounge",
|
username: "thelounge",
|
||||||
|
|
||||||
//
|
|
||||||
// Real Name
|
|
||||||
//
|
|
||||||
// @type string
|
|
||||||
// @default "The Lounge User"
|
|
||||||
//
|
|
||||||
realname: "The Lounge User",
|
realname: "The Lounge User",
|
||||||
|
|
||||||
//
|
|
||||||
// Channels
|
|
||||||
// This is a comma-separated list.
|
|
||||||
//
|
|
||||||
// @type string
|
|
||||||
// @default "#thelounge"
|
|
||||||
//
|
|
||||||
join: "#yunohost",
|
join: "#yunohost",
|
||||||
},
|
},
|
||||||
|
|
||||||
|
// ### `lockNetwork`
|
||||||
//
|
//
|
||||||
// Set socket.io transports
|
// When set to `true`, users will not be able to modify host, port and TLS
|
||||||
|
// settings and will be limited to the configured network.
|
||||||
|
// These fields will also be hidden from the UI.
|
||||||
//
|
//
|
||||||
// @type array
|
// This value is set to `false` by default.
|
||||||
// @default ["polling", "websocket"]
|
lockNetwork: false,
|
||||||
//
|
|
||||||
transports: ["polling", "websocket"],
|
|
||||||
|
|
||||||
//
|
// ## User management
|
||||||
// Run The Lounge using encrypted HTTP/2.
|
|
||||||
// This will fallback to regular HTTPS if HTTP/2 is not supported.
|
|
||||||
//
|
|
||||||
// @type object
|
|
||||||
// @default {}
|
|
||||||
//
|
|
||||||
https: {
|
|
||||||
//
|
|
||||||
// Enable HTTP/2 / HTTPS support.
|
|
||||||
//
|
|
||||||
// @type boolean
|
|
||||||
// @default false
|
|
||||||
//
|
|
||||||
enable: false,
|
|
||||||
|
|
||||||
//
|
// ### `messageStorage`
|
||||||
// Path to the key.
|
|
||||||
//
|
|
||||||
// @type string
|
|
||||||
// @example "sslcert/key.pem"
|
|
||||||
// @default ""
|
|
||||||
//
|
|
||||||
key: "",
|
|
||||||
|
|
||||||
//
|
// The Lounge can log user messages, for example to access them later or to
|
||||||
// Path to the certificate.
|
// reload messages on server restart.
|
||||||
//
|
|
||||||
// @type string
|
|
||||||
// @example "sslcert/key-cert.pem"
|
|
||||||
// @default ""
|
|
||||||
//
|
|
||||||
certificate: "",
|
|
||||||
|
|
||||||
//
|
// Set this array with one or multiple values to enable logging:
|
||||||
// Path to the CA bundle.
|
// - `text`: Messages per network and channel will be stored as text files.
|
||||||
//
|
// **Messages will not be reloaded on restart.**
|
||||||
// @type string
|
// - `sqlite`: Messages are stored in SQLite database files, one per user.
|
||||||
// @example "sslcert/bundle.pem"
|
//
|
||||||
// @default ""
|
// Logging can be disabled globally by setting this value to an empty array
|
||||||
//
|
// `[]`. Logging is also controlled per user individually in the `log` key of
|
||||||
ca: "",
|
// their JSON configuration file.
|
||||||
},
|
//
|
||||||
|
// This value is set to `["sqlite", "text"]` by default.
|
||||||
|
messageStorage: ["sqlite", "text"],
|
||||||
|
|
||||||
|
// ### `useHexIp`
|
||||||
//
|
//
|
||||||
// Default quit and part message if none is provided.
|
// When set to `true`, users' IP addresses will be encoded as hex.
|
||||||
//
|
//
|
||||||
// @type string
|
// This is done to share the real user IP address with the server for host
|
||||||
// @default "The Lounge - https://thelounge.chat"
|
// masking purposes. This is encoded in the `username` field and only supports
|
||||||
|
// IPv4.
|
||||||
//
|
//
|
||||||
leaveMessage: "The Lounge - https://thelounge.chat",
|
// This value is set to `false` by default.
|
||||||
|
useHexIp: false,
|
||||||
|
|
||||||
|
// ## WEBIRC support
|
||||||
//
|
//
|
||||||
// Run The Lounge with identd support.
|
// When enabled, The Lounge will pass the connecting user's host and IP to the
|
||||||
|
// IRC server. Note that this requires to obtain a password from the IRC
|
||||||
|
// network that The Lounge will be connecting to and generally involves a lot
|
||||||
|
// of trust from the network you are connecting to.
|
||||||
//
|
//
|
||||||
// @type object
|
// There are 2 ways to configure the `webirc` setting:
|
||||||
// @default {}
|
|
||||||
//
|
//
|
||||||
|
// - **Basic**: an object where keys are IRC hosts and values are passwords.
|
||||||
|
// For example:
|
||||||
|
//
|
||||||
|
// ```json
|
||||||
|
// webirc: {
|
||||||
|
// "irc.example.net": "thisiswebircpassword1",
|
||||||
|
// "irc.example.org": "thisiswebircpassword2",
|
||||||
|
// },
|
||||||
|
// ```
|
||||||
|
//
|
||||||
|
// - **Advanced**: an object where keys are IRC hosts and values are functions
|
||||||
|
// that take two arguments (`webircObj`, `network`) and return an
|
||||||
|
// object to be directly passed to `irc-framework`. `webircObj` contains the
|
||||||
|
// generated object which you can modify. For example:
|
||||||
|
//
|
||||||
|
// ```js
|
||||||
|
// webirc: {
|
||||||
|
// "irc.example.com": (webircObj, network) => {
|
||||||
|
// webircObj.password = "thisiswebircpassword";
|
||||||
|
// webircObj.hostname = `webirc/${webircObj.hostname}`;
|
||||||
|
// return webircObj;
|
||||||
|
// },
|
||||||
|
// },
|
||||||
|
// ```
|
||||||
|
//
|
||||||
|
// This value is set to `null` to disable WEBIRC by default.
|
||||||
|
webirc: null,
|
||||||
|
|
||||||
|
// ## identd and oidentd support
|
||||||
|
|
||||||
|
// ### `identd`
|
||||||
|
//
|
||||||
|
// Run The Lounge with `identd` support.
|
||||||
|
//
|
||||||
|
// The available keys for the `identd` object are:
|
||||||
|
//
|
||||||
|
// - `enable`: When `true`, the identd daemon runs on server start.
|
||||||
|
// - `port`: Port to listen for ident requests.
|
||||||
|
//
|
||||||
|
// The value of `enable` is set to `false` to disable `identd` support by
|
||||||
|
// default, in which case the value of `port` is ignored. The default value of
|
||||||
|
// `port` is 113.
|
||||||
identd: {
|
identd: {
|
||||||
//
|
|
||||||
// Run the identd daemon on server start.
|
|
||||||
//
|
|
||||||
// @type boolean
|
|
||||||
// @default false
|
|
||||||
//
|
|
||||||
enable: false,
|
enable: false,
|
||||||
|
|
||||||
//
|
|
||||||
// Port to listen for ident requests.
|
|
||||||
//
|
|
||||||
// @type int
|
|
||||||
// @default 113
|
|
||||||
//
|
|
||||||
port: 113,
|
port: 113,
|
||||||
},
|
},
|
||||||
|
|
||||||
|
// ### `oidentd`
|
||||||
//
|
//
|
||||||
// Enable oidentd support using the specified file
|
// When this setting is a string, this enables `oidentd` support using the
|
||||||
//
|
// configuration file located at the given path.
|
||||||
// Example: oidentd: "~/.oidentd.conf",
|
|
||||||
//
|
|
||||||
// @type string
|
|
||||||
// @default null
|
|
||||||
//
|
//
|
||||||
|
// This is set to `null` by default to disable `oidentd` support.
|
||||||
oidentd: null,
|
oidentd: null,
|
||||||
|
|
||||||
|
// ## LDAP support
|
||||||
|
|
||||||
|
// These settings enable and configure LDAP authentication.
|
||||||
//
|
//
|
||||||
// LDAP authentication settings (only available if public=false)
|
// They are only being used in private mode. To know more about private mode,
|
||||||
// @type object
|
// see the `public` setting above.
|
||||||
// @default {}
|
|
||||||
//
|
//
|
||||||
// The authentication process works as follows:
|
// The authentication process works as follows:
|
||||||
//
|
//
|
||||||
// 1. Lounge connects to the LDAP server with its system credentials
|
// 1. The Lounge connects to the LDAP server with its system credentials.
|
||||||
// 2. It performs a LDAP search query to find the full DN associated to the
|
// 2. It performs an LDAP search query to find the full DN associated to the
|
||||||
// user requesting to log in.
|
// user requesting to log in.
|
||||||
// 3. Lounge tries to connect a second time, but this time using the user's
|
// 3. The Lounge tries to connect a second time, but this time using the
|
||||||
// DN and password. Auth is validated iff this connection is successful.
|
// user's DN and password. Authentication is validated if and only if this
|
||||||
|
// connection is successful.
|
||||||
//
|
//
|
||||||
// The search query takes a couple of parameters in `searchDN`:
|
// The search query takes a couple of parameters in `searchDN`:
|
||||||
// - a base DN `searchDN/base`. Only children nodes of this DN will be likely
|
|
||||||
// to be returned;
|
|
||||||
// - a search scope `searchDN/scope` (see LDAP documentation);
|
|
||||||
// - the query itself, build as (&(<primaryKey>=<username>) <filter>)
|
|
||||||
// where <username> is the user name provided in the log in request,
|
|
||||||
// <primaryKey> is provided by the config and <fitler> is a filtering complement
|
|
||||||
// also given in the config, to filter for instance only for nodes of type
|
|
||||||
// inetOrgPerson, or whatever LDAP search allows.
|
|
||||||
//
|
//
|
||||||
// Alternatively, you can specify the `bindDN` parameter. This will make the lounge
|
// - a base DN `searchDN/base`. Only children nodes of this DN will be likely
|
||||||
// ignore searchDN options and assume that the user DN is always:
|
// be returned;
|
||||||
// <bindDN>,<primaryKey>=<username>
|
// - a search scope `searchDN/scope` (see LDAP documentation);
|
||||||
// where <username> is the user name provided in the log in request, and <bindDN>
|
// - the query itself, built as `(&(<primaryKey>=<username>) <filter>)`
|
||||||
// and <primaryKey> are provided by the config.
|
// where `<username>` is the user name provided in the log in request,
|
||||||
|
// `<primaryKey>` is provided by the config and `<filter>` is a filtering
|
||||||
|
// complement also given in the config, to filter for instance only for
|
||||||
|
// nodes of type `inetOrgPerson`, or whatever LDAP search allows.
|
||||||
//
|
//
|
||||||
|
// Alternatively, you can specify the `bindDN` parameter. This will make The
|
||||||
|
// Lounge ignore `searchDN` options and assume that the user DN is always
|
||||||
|
// `<bindDN>,<primaryKey>=<username>`, where `<username>` is the user name
|
||||||
|
// provided in the log in request, and `<bindDN>` and `<primaryKey>` are
|
||||||
|
// provided by the configuration.
|
||||||
|
//
|
||||||
|
// The available keys for the `ldap` object are:
|
||||||
ldap: {
|
ldap: {
|
||||||
//
|
// - `enable`: when set to `false`, LDAP support is disabled and all other
|
||||||
// Enable LDAP user authentication
|
// values are ignored.
|
||||||
//
|
|
||||||
// @type boolean
|
|
||||||
// @default false
|
|
||||||
//
|
|
||||||
enable: true,
|
enable: true,
|
||||||
|
|
||||||
//
|
// - `url`: A url of the form `ldaps://<ip>:<port>`.
|
||||||
// LDAP server URL
|
// For plain connections, use the `ldap` scheme.
|
||||||
//
|
|
||||||
// @type string
|
|
||||||
//
|
|
||||||
url: "ldap://127.0.0.1",
|
url: "ldap://127.0.0.1",
|
||||||
|
|
||||||
|
// - `primaryKey`: LDAP primary key. It is set to `"uid"` by default.
|
||||||
|
primaryKey: "uid",
|
||||||
|
|
||||||
//
|
// - `baseDN`: LDAP base DN, alternative to `searchDN`. For example, set it
|
||||||
// LDAP base dn, alternative to searchDN
|
// to `"ou=accounts,dc=example,dc=com"`.
|
||||||
//
|
// When unset, the LDAP auth logic with use `searchDN` instead to locate users.
|
||||||
// @type string
|
|
||||||
//
|
|
||||||
baseDN: "ou=users,dc=yunohost,dc=org",
|
baseDN: "ou=users,dc=yunohost,dc=org",
|
||||||
|
},
|
||||||
|
|
||||||
//
|
// ## Debugging settings
|
||||||
// LDAP primary key
|
|
||||||
//
|
|
||||||
// @type string
|
|
||||||
// @default "uid"
|
|
||||||
//
|
|
||||||
primaryKey: "uid"
|
|
||||||
|
|
||||||
}
|
// The `debug` object contains several settings to enable debugging in The
|
||||||
|
// Lounge. Use them to learn more about an issue you are noticing but be aware
|
||||||
|
// this may produce more logging or may affect connection performance so it is
|
||||||
|
// not recommended to use them by default.
|
||||||
|
//
|
||||||
|
// All values in the `debug` object are set to `false`.
|
||||||
|
debug: {
|
||||||
|
// ### `debug.ircFramework`
|
||||||
|
//
|
||||||
|
// When set to true, this enables extra debugging output provided by
|
||||||
|
// [`irc-framework`](https://github.com/kiwiirc/irc-framework), the
|
||||||
|
// underlying IRC library for Node.js used by The Lounge.
|
||||||
|
ircFramework: false,
|
||||||
|
|
||||||
|
// ### `debug.raw`
|
||||||
|
//
|
||||||
|
// When set to `true`, this enables logging of raw IRC messages into each
|
||||||
|
// server window, displayed on the client.
|
||||||
|
raw: false,
|
||||||
|
},
|
||||||
};
|
};
|
||||||
|
|
|
@ -11,7 +11,10 @@ Environment="PATH=__ENV_PATH__"
|
||||||
Environment="THELOUNGE_HOME=/home/yunohost.app/__APP__/"
|
Environment="THELOUNGE_HOME=/home/yunohost.app/__APP__/"
|
||||||
Environment="NODE_ENV=production"
|
Environment="NODE_ENV=production"
|
||||||
ExecStart=/usr/bin/yarn start
|
ExecStart=/usr/bin/yarn start
|
||||||
Restart=always
|
Restart=on-failure
|
||||||
|
RestartSec=5
|
||||||
|
StartLimitInterval=60s
|
||||||
|
StartLimitBurst=3
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=default.target
|
WantedBy=default.target
|
||||||
|
|
Loading…
Add table
Reference in a new issue