178 lines
5.4 KiB
INI
178 lines
5.4 KiB
INI
[sr.ht]
|
|
#
|
|
# The name of your network of sr.ht-based sites
|
|
site-name=sourcehut
|
|
#
|
|
# The top-level info page for your site
|
|
site-info=https://sourcehut.org
|
|
#
|
|
# {{ site-name }}, {{ site-blurb }}
|
|
site-blurb=the hacker's forge
|
|
#
|
|
# If this != production, we add a banner to each page
|
|
environment=development
|
|
#
|
|
# Contact information for the site owners
|
|
owner-name=Drew DeVault
|
|
owner-email=sir@cmpwn.com
|
|
#
|
|
# The source code for your fork of sr.ht
|
|
source-url=https://git.sr.ht/~sircmpwn/srht
|
|
#
|
|
# A key used for encrypting session cookies. Use `srht-keygen service` to
|
|
# generate the service key. This must be shared between each node of the same
|
|
# service (e.g. git1.sr.ht and git2.sr.ht), but different services may use
|
|
# different keys. If you configure all of your services with the same
|
|
# config.ini, you may use the same service-key for all of them.
|
|
service-key=
|
|
#
|
|
# A secret key to encrypt internal messages with. Use `srht-keygen network` to
|
|
# generate this key. It must be consistent between all services and nodes.
|
|
network-key=
|
|
#
|
|
# The redis host URL. This is used for caching and temporary storage, and must
|
|
# be shared between nodes (e.g. git1.sr.ht and git2.sr.ht), but need not be
|
|
# shared between services. It may be shared between services, however, with no
|
|
# ill effect, if this better suits your infrastructure.
|
|
redis-host=
|
|
|
|
[mail]
|
|
#
|
|
# Outgoing SMTP settings
|
|
smtp-host=
|
|
smtp-port=
|
|
smtp-from=
|
|
#
|
|
# Default: starttls
|
|
# Options: starttls, tls, insecure
|
|
smtp-encryption=starttls
|
|
#
|
|
# Default: plain
|
|
# Options: plain, none
|
|
smtp-auth=plain
|
|
# user / password are required if smtp-auth is plain
|
|
smtp-user=
|
|
smtp-password=
|
|
#
|
|
# Application exceptions are emailed to this address
|
|
error-to=
|
|
error-from=
|
|
#
|
|
# You should generate a PGP key to allow users to authenticate emails received
|
|
# from your services. Use `gpg --edit-key [key id]` to remove the password from
|
|
# your private key, then export it to a file and set pgp-privkey to the path to
|
|
# that file. pgp-pubkey should be set to the path to your public key, and
|
|
# pgp-key-id should be set to the key ID string. Outgoing emails are signed with
|
|
# this PGP key.
|
|
pgp-privkey=
|
|
pgp-pubkey=
|
|
pgp-key-id=
|
|
|
|
[webhooks]
|
|
#
|
|
# base64-encoded Ed25519 key for signing webhook payloads. This should be
|
|
# consistent between all services.
|
|
#
|
|
# Use the `srht-keygen webhook` command to generate this key. Put the private
|
|
# key here and distribute the public key to anyone who would want to verify
|
|
# webhook payloads from your service.
|
|
private-key=
|
|
|
|
[lists.sr.ht]
|
|
#
|
|
# URL lists.sr.ht is being served at (protocol://domain)
|
|
origin=http://lists.sr.ht.local
|
|
#
|
|
# Address and port to bind the debug server to
|
|
debug-host=0.0.0.0
|
|
debug-port=5006
|
|
#
|
|
# Configures the SQLAlchemy connection string for the database.
|
|
connection-string=postgresql://postgres@localhost/lists.sr.ht
|
|
#
|
|
# Set to "yes" to automatically run migrations on package upgrade.
|
|
migrate-on-upgrade=yes
|
|
#
|
|
# The redis connection used for the webhooks worker
|
|
webhooks=redis://localhost:6379/1
|
|
#
|
|
# The redis connection used for the Celery worker (configure this on both the
|
|
# master and workers)
|
|
redis=redis://localhost:6379/0
|
|
#
|
|
# The domain that incoming email should be sent to. Forward mail sent here to
|
|
# the LTMP socket.
|
|
posting-domain=lists.sr.ht.local
|
|
#
|
|
# lists.sr.ht's OAuth client ID and secret for meta.sr.ht
|
|
# Register your client at meta.example.org/oauth
|
|
oauth-client-id=
|
|
oauth-client-secret=
|
|
#
|
|
# Trusted upstream SMTP server generating Authentication-Results header fields
|
|
msgauth-server=mail.sr.ht.local
|
|
#
|
|
# If "no", prevents non-admins from creating new lists
|
|
allow-new-lists=yes
|
|
#
|
|
# Origin URL for the API
|
|
# Only needed if not run behind a reverse proxy, e.g. for local development.
|
|
# By default, the API port is 100 more than the web port
|
|
#api-origin=http://localhost:5106
|
|
|
|
[lists.sr.ht::worker]
|
|
# Protocol used by the daemon. Either lmtp or smtp. By default lmtp if using
|
|
# unix socket and smtp if using tcp socket.
|
|
protocol=lmtp
|
|
#
|
|
# Path for the lmtp daemon's unix socket. Direct incoming mail to this socket.
|
|
# Alternatively, specify IP:PORT will run the server using tcp.
|
|
sock=/tmp/lists.sr.ht-lmtp.sock
|
|
#
|
|
# The lmtp daemon will make the unix socket group-read/write for users in this
|
|
# group.
|
|
sock-group=postfix
|
|
#
|
|
# Comma-delimited list of Content-Types to reject. Messages with Content-Types
|
|
# included in this list are rejected. Multipart messages are always supported,
|
|
# and each part is checked against this list.
|
|
#
|
|
# Uses fnmatch for wildcard expansion.
|
|
reject-mimetypes=
|
|
#
|
|
# Link to include in the rejection message where senders can get help
|
|
# correcting their email.
|
|
reject-url=https://man.sr.ht/lists.sr.ht/etiquette.md
|
|
|
|
[lists.sr.ht::api]
|
|
#
|
|
# Maximum complexity of GraphQL queries. The higher this number, the more work
|
|
# that API clients can burden the API backend with. Complexity is equal to the
|
|
# number of discrete fields which would be returned to the user. 200 is a good
|
|
# default.
|
|
max-complexity=200
|
|
|
|
#
|
|
# The maximum time the API backend will spend processing a single API request.
|
|
#
|
|
# See https://golang.org/pkg/time/#ParseDuration
|
|
max-duration=90s
|
|
|
|
#
|
|
# Set of IP subnets which are permitted to utilize internal API
|
|
# authentication. This should be limited to the subnets from which your
|
|
# *.sr.ht services are running.
|
|
#
|
|
# Comma-separated, CIDR notation.
|
|
internal-ipnet=127.0.0.0/8,::1/128,192.168.0.0/16,10.0.0.0/8
|
|
|
|
[lists.sr.ht::redirects]
|
|
#
|
|
# Redirects for migrating old mailing lists to new ones. This just sets up the
|
|
# redirect for incoming emails.
|
|
#
|
|
# old-address=~example/new-name
|
|
|
|
[meta.sr.ht]
|
|
origin=http://meta.sr.ht.local
|