ansible-privatebin/templates/conf.php.j2

213 lines
8.8 KiB
Django/Jinja

;<?php http_response_code(403); /*
; config file for PrivateBin
;
; An explanation of each setting can be find online at https://github.com/PrivateBin/PrivateBin/wiki/Configuration.
[main]
; (optional) set a project name to be displayed on the website
{% if private_bin_main_name is not none %}
name = "{{ private_bin_main_name }}"
{% else %}
; name = "PrivateBin"
{% endif %}
; enable or disable the discussion feature, defaults to true
discussion = {{ private_bin_main_dicussion }}
; preselect the discussion feature, defaults to false
opendiscussion = {{ private_bin_main_opendicussion }}
; enable or disable the password feature, defaults to true
password = {{ private_bin_main_password }}
; enable or disable the file upload feature, defaults to false
fileupload = {{ private_bin_main_fileupload }}
; preselect the burn-after-reading feature, defaults to false
burnafterreadingselected = {{ private_bin_main_burnafterreadingselected }}
; which display mode to preselect by default, defaults to "plaintext"
; make sure the value exists in [formatter_options]
defaultformatter = "{{ private_bin_main_defaultformatter }}"
; (optional) set a syntax highlighting theme, as found in css/prettify/
{% if private_bin_main_syntaxhighlightingtheme is not none %}
syntaxhighlightingtheme = "{{ private_bin_main_syntaxhighlightingtheme }}"
{% else %}
; syntaxhighlightingtheme = "sons-of-obsidian"
{% endif %}
; size limit per paste or comment in bytes, defaults to 10 Mebibytes
sizelimit = {{ private_bin_main_paste_sizelimit }}
; template to include, default is "bootstrap" (tpl/bootstrap.php)
template = "{{ private_bin_main_template }}"
; (optional) notice to display
{% if private_bin_main_notice is not none %}
notice = {{ private_bin_main_notice }}
{% else %}
; notice = "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service."
{% endif %}
; by default PrivateBin will guess the visitors language based on the browsers
; settings. Optionally you can enable the language selection menu, which uses
; a session cookie to store the choice until the browser is closed.
languageselection = {{ private_bin_main_language_selection }}
; set the language your installs defaults to, defaults to English
; if this is set and language selection is disabled, this will be the only language
{% if private_bin_main_language_default is not none %}
languagedefault = "{{ private_bin_main_language_default }}"
{% else %}
; languagedefault = "en"
{% endif %}
; (optional) URL shortener address to offer after a new paste is created
; it is suggested to only use this with self-hosted shorteners as this will leak
; the pastes encryption key
{% if private_bin_main_url_shortener is not none %}
urlshortener = "{{ private_bin_main_url_shortener }}"
{% else %}
; urlshortener = "https://shortener.example.com/api?link="
{% endif %}
; (optional) Let users create a QR code for sharing the paste URL with one click.
; It works both when a new paste is created and when you view a paste.
qrcode = {{ private_bin_main_qrcode }}
; (optional) IP based icons are a weak mechanism to detect if a comment was from
; a different user when the same username was used in a comment. It might be
; used to get the IP of a non anonymous comment poster if the server salt is
; leaked and a SHA256 HMAC rainbow table is generated for all (relevant) IPs.
; Can be set to one these values: none / vizhash / identicon (default).
icon = {{ private_bin_main_icon }}
; Content Security Policy headers allow a website to restrict what sources are
; allowed to be accessed in its context. You need to change this if you added
; custom scripts from third-party domains to your templates, e.g. tracking
; scripts or run your site behind certain DDoS-protection services.
; Check the documentation at https://content-security-policy.com/
; Notes:
; - If you use a bootstrap theme, you can remove the allow-popups from the
; sandbox restrictions.
; - By default this disallows to load images from third-party servers, e.g. when
; they are embedded in pastes. If you wish to allow that, you can adjust the
; policy here. See https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-it-load-embedded-images
; for details.
; - The 'unsafe-eval' is used in two cases; to check if the browser supports
; async functions and display an error if not and for Chrome to enable
; webassembly support (used for zlib compression). You can remove it if Chrome
; doesn't need to be supported and old browsers don't need to be warned.
{% if private_bin_main_url_shortener is not none %}
cspheader = {{ private_bin_main_cspheader }}
{% else %}
; cspheader = "default-src 'none'; manifest-src 'self'; connect-src * blob:; script-src 'self' 'unsafe-eval'; style-src 'self'; font-src 'self'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals"
{% endif %}
; stay compatible with PrivateBin Alpha 0.19, less secure
; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of
; sha256 in HMAC for the deletion token
zerobincompatibility = {{ private_bin_main_zerobincompatibility }}
; Enable or disable the warning message when the site is served over an insecure
; connection (insecure HTTP instead of HTTPS), defaults to true.
; Secure transport methods like Tor and I2P domains are automatically whitelisted.
; It is **strongly discouraged** to disable this.
; See https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-it-show-me-an-error-about-an-insecure-connection for more information.
httpwarning = {{ private_bin_main_httpwarning }}
; Pick compression algorithm or disable it. Only applies to pastes/comments
; created after changing the setting.
; Can be set to one these values: none / zlib (default).
compression = {{ private_bin_main_compression }}
[expire]
; expire value that is selected per default
; make sure the value exists in [expire_options]
default = "{{ private_bin_expire_default }}"
[expire_options]
; Set each one of these to the number of seconds in the expiration period,
; or 0 if it should never expire
{% for expiretime in private_bin_expire_options %}
{{ expiretime.time }} = {{ expiretime.seconds }}
{% endfor %}
[formatter_options]
; Set available formatters, their order and their labels
{% for format in private_bin_formatter_options %}
{{ format.format }} = "{{ format.label }}"
{% endfor %}
[traffic]
; time limit between calls from the same IP address in seconds
; Set this to 0 to disable rate limiting.
limit = {{ private_bin_traffic_limit }}
; (optional) if your website runs behind a reverse proxy or load balancer,
; set the HTTP header containing the visitors IP address, i.e. X_FORWARDED_FOR
{% if private_bin_traffic_header is not none %}
header = "{{ private_bin_traffic_header }}"
{% else %}
; header = "X_FORWARDED_FOR"
{% endif %}
; directory to store the traffic limits in
dir = PATH "{{ private_bin_traffic_directory }}"
[purge]
; minimum time limit between two purgings of expired pastes, it is only
; triggered when pastes are created
; Set this to 0 to run a purge every time a paste is created.
limit = {{ private_bin_purge_limit }}
; maximum amount of expired pastes to delete in one purge
; Set this to 0 to disable purging. Set it higher, if you are running a large
; site
batchsize = {{ private_bin_batchsize_limit }}
; directory to store the purge limit in
dir = PATH "{{ private_bin_purge_directory }}"
{% if private_bin_model_class == "Filesystem" and private_bin_model_fs_option_directory is not none %}
[model]
class = Filesystem
[model_options]
dir = PATH "{{ private_bin_model_fs_option_directory }}"
{% elif private_bin_model_class == "MySql" and
private_bin_model_mysql_option_dsn is not none and
private_bin_model_mysql_option_tbl is not none and
private_bin_model_mysql_option_usr is not none and
private_bin_model_mysql_option_pwd %}}
[model]
class = Database
[model_options]
;dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8"
dsn = "{{ private_bin_model_mysql_option_dsn }}"
tbl = "{{ private_bin_model_mysql_option_tbl }}" ; table prefix
usr = "{{ private_bin_model_mysql_option_usr }}"
pwd = "{{ private_bin_model_mysql_option_pwd }}"
opt[12] = {{ private_bin_model_mysql_option_opt }} ; PDO::ATTR_PERSISTENT
{% elif private_bin_model_class == "SQLite" and
private_bin_model_sqlite3_option_dsn is not none and
private_bin_model_sqlite3_option_path is not none and
private_bin_model_sqlite3_option_usr is not none and
private_bin_model_sqlite3_option_pwd is not none and
private_bin_model_sqlite3_option_opt %}
[model]
class = Database
[model_options]
;dsn = "sqlite:" PATH "data/db.sq3"
dsn = "sqlite:" PATH "{{ private_bin_model_sqlite3_option_path }}"
usr = {{ private_bin_model_sqlite3_option_usr }}
pwd = {{ private_bin_model_sqlite3_option_pwd }}
opt[12] = {{ private_bin_model_sqlite3_option_opt }} ; PDO::ATTR_PERSISTENT
{% endif %}