isso/share/isso.conf
2015-08-28 15:59:48 +01:00

175 lines
5.6 KiB
INI

# Isso configuration file
# vim: set filetype=ini
[general]
# file location to the SQLite3 database, highly recommended to change this
# location to a non-temporary location!
dbpath = /tmp/comments.db
# required to dispatch multiple websites, not used otherwise.
name =
# Your website(s). If Isso is unable to connect to at least on site, you'll
# get a warning during startup and comments are most likely non-functional.
#
# You'll need at least one host/website to run Isso. This is due to security
# reasons: Isso uses CORS_ to embed comments and to restrict comments only to
# your website, you have to "whitelist" your website(s).
#
# I recommend the first value to be a non-SSL website that is used as fallback
# if Firefox users (and only those) supress their HTTP referer completely:
#
# host =
# http://example.tld/
# https://example.tld/
#
host =
# time range that allows users to edit/remove their own comments.
# It supports years, weeks, days, hours, minutes, seconds.
# 3h45m12s equals to 3 hours, 45 minutes and 12 seconds.
max-age = 15m
# Select notification backend for new comments. Currently, only SMTP is
# available.
# Select notification backend(s) for new comments, separated by comma.
# Available backends:
#
# stdout
# Log to standard output. Default, if none selected.
# smtp
# Send notifications via SMTP on new comments with activation (if
# moderated) and deletion links.
notify = stdout
# Log console messages to file instead of standard out.
log-file =
[moderation]
# enable comment moderation queue. This option only affects new comments.
# Comments in modertion queue are not visible to other users until you activate
# them.
enabled = false
# remove unprocessed comments in moderation queue after given time.
purge-after = 30d
[server]
# interface to listen on. Isso supports TCP/IP and unix domain sockets: UNIX
# domain socket listen = unix:///tmp/isso.sock TCP/IP listen =
# http:///localhost:1234/
#
# When gevent is available, it is automatically used for http:// Currently,
# gevent can not handle http requests on unix domain socket (see #295 and #299
# for details). Does not apply for uWSGI.
listen = http://localhost:8080
# reload application, when the source code has changed. Useful for development.
# Only works with the internal webserver.
reload = off
# show 10 most time consuming function in Isso after each request. Do not use
# in production.
profile = off
[smtp]
# Isso can notify you on new comments via SMTP. In the email notification, you
# also can moderate (=activate or delete) comments.
# self-explanatory, optional
username =
# self-explanatory (yes, plain text, create a dedicated account for
# notifications), optional.
password =
# SMTP server
host = localhost
# SMTP port
port = 587
# use a secure connection to the server, possible values: none, starttls or
# ssl. Note, that there is no easy way for Python 2.7 and 3.3 to implement
# certification validation and thus the connection is vulnerable to
# Man-in-the-Middle attacks. You should definitely use a dedicated SMTP account
# for Isso in that case.
security = starttls
# recipient address, e.g. your email address
to =
# ender address, e.g. "Foo Bar" <isso@example.tld>
from =
# specify a timeout in seconds for blocking operations like the
# connection attempt.
timeout = 10
[guard]
# Enable basic spam protection features, e.g. rate-limit per IP address (/24
# for IPv4, /48 for IPv6).
# enable guard, recommended in production. Not useful for debugging purposes.
enabled = true
# limit to N new comments per minute.
ratelimit = 2
# how many comments directly to the thread (prevent a simple while true; do
# curl ...; done.
direct-reply = 3
# allow commenters to reply to their own comments when they could still edit
# the comment. After the editing timeframe is gone, commenters can reply to
# their own comments anyways. Do not forget to configure the client.
reply-to-self = false
# require the commenter to enter an email address (note: no validation is
# done on the provided address). Do not forget to configure the client.
require-email = false
[markup]
# Customize markup and sanitized HTML. Currently, only Markdown (via Misaka) is
# supported, but new languages are relatively easy to add.
# Misaka-specific Markdown extensions, all flags starting with EXT_ can be used
# there, separated by comma.
options = strikethrough, autolink, fenced_code, no_intra_emphasis
# Additional HTML tags to allow in the generated output, comma-separated. By
# default, only a, blockquote, br, code, del, em, h1, h2, h3, h4, h5, h6, hr,
# ins, li, ol, p, pre, strong, table, tbody, td, th, thead and ul are allowed.
allowed-elements =
# Additional HTML attributes (independent from elements) to allow in the
# generated output, comma-separated. By default, only align and href are
# allowed.
allowed-attributes =
[hash]
# Customize used hash functions to hide the actual email addresses from
# commenters but still be able to generate an identicon.
# A salt is used to protect against rainbow tables. Isso does not make use of
# pepper (yet). The default value has been in use since the release of Isso and
# generates the same identicons for same addresses across installations.
salt = Eech7co8Ohloopo9Ol6baimi
# Hash algorithm to use -- either from Python's hashlib or PBKDF2 (a
# computational expensive hash function).
#
# The actual identifier for PBKDF2 is pbkdf2:1000:6:sha1, which means 1000
# iterations, 6 bytes to generate and SHA1 as pseudo-random family used for key
# strengthening. Arguments have to be in that order, but can be reduced to
# pbkdf2:4096 for example to override the iterations only.
algorithm = pbkdf2