241 lines
8.2 KiB
INI
241 lines
8.2 KiB
INI
# Isso configuration file
|
|
# vim: set filetype=ini
|
|
|
|
[general]
|
|
|
|
# file location to the SQLite3 database, highly recommended to change this
|
|
# location to a non-temporary location!
|
|
dbpath = /tmp/comments.db
|
|
|
|
# required to dispatch multiple websites, not used otherwise.
|
|
name =
|
|
|
|
# Your website(s). If Isso is unable to connect to at least one site, you'll
|
|
# get a warning during startup and comments are most likely non-functional.
|
|
#
|
|
# You'll need at least one host/website to run Isso. This is due to security
|
|
# reasons: Isso uses CORS_ to embed comments and to restrict comments only to
|
|
# your website, you have to "whitelist" your website(s).
|
|
#
|
|
# I recommend the first value to be a non-SSL website that is used as fallback
|
|
# if Firefox users (and only those) supress their HTTP referer completely:
|
|
#
|
|
# host =
|
|
# http://example.tld/
|
|
# https://example.tld/
|
|
#
|
|
host =
|
|
|
|
# time range that allows users to edit/remove their own comments.
|
|
# It supports years, weeks, days, hours, minutes, seconds.
|
|
# 3h45m12s equals to 3 hours, 45 minutes and 12 seconds.
|
|
max-age = 15m
|
|
|
|
# Select notification backend for new comments. Currently, only SMTP is
|
|
# available.
|
|
# Select notification backend(s) for new comments, separated by comma.
|
|
# Available backends:
|
|
#
|
|
# stdout
|
|
# Log to standard output. Default, if none selected.
|
|
# smtp
|
|
# Send notifications via SMTP on new comments with activation (if
|
|
# moderated) and deletion links.
|
|
notify = stdout
|
|
|
|
# Allow users to request E-mail notifications for replies to their post.
|
|
# WARNING: It is highly recommended to also turn on moderation when enabling
|
|
# this setting, as Isso can otherwise be easily exploited for sending spam.
|
|
reply-notifications=false
|
|
|
|
# Log console messages to file instead of standard output.
|
|
log-file =
|
|
|
|
# adds property "gravatar_image" to json response when true
|
|
# will automatically build md5 hash by email and use "gravatar_url" to build
|
|
# the url to the gravatar image
|
|
gravatar = false
|
|
|
|
# default url for gravatar. {} is where the hash will be placed
|
|
gravatar-url = https://www.gravatar.com/avatar/{}?d=identicon
|
|
|
|
# enable the "/latest" endpoint, that serves comment for multiple posts (not
|
|
# needing to previously know the posts URIs)
|
|
latest-enabled = false
|
|
|
|
[admin]
|
|
enabled = false
|
|
|
|
# Admin access password
|
|
password = please_choose_a_strong_password
|
|
|
|
[moderation]
|
|
# enable comment moderation queue. This option only affects new comments.
|
|
# Comments in modertion queue are not visible to other users until you activate
|
|
# them.
|
|
enabled = false
|
|
|
|
# with moderation enabled, automatically approve new comments by an
|
|
# author if they've had comments approved within the last 6 months
|
|
# Note: No verification is done on the email addresses entered by commenters.
|
|
# This means that if someone is able to guess correctly the email address used
|
|
# by a previously approved author, they will be able to have their new comment
|
|
# auto-approved. For this reason, we recommend that you also activate SMTP
|
|
# notification if you activate this option, so that you will see
|
|
# auto-approved comments as they get posted.
|
|
approve-if-email-previously-approved = false
|
|
|
|
# remove unprocessed comments in moderation queue after given time.
|
|
purge-after = 30d
|
|
|
|
|
|
[server]
|
|
# interface to listen on. Isso supports TCP/IP and unix domain sockets: UNIX
|
|
# domain socket listen = unix:///tmp/isso.sock TCP/IP listen =
|
|
# http:///localhost:1234/
|
|
#
|
|
# When gevent is available, it is automatically used for http:// Currently,
|
|
# gevent can not handle http requests on unix domain socket (see #295 and #299
|
|
# for details). Does not apply for uWSGI.
|
|
listen = http://localhost:8080
|
|
|
|
# public URL that Isso is accessed from by end users. Should always be a
|
|
# http:// or https:// absolute address. If left blank, automatic detection is
|
|
# attempted.
|
|
public-endpoint =
|
|
|
|
# reload application, when the source code has changed. Useful for development.
|
|
# Only works with the internal webserver.
|
|
reload = off
|
|
|
|
# show 10 most time consuming function in Isso after each request. Do not use
|
|
# in production.
|
|
profile = off
|
|
|
|
# an optional list of reverse proxies IPs behind which you have deployed
|
|
# your Isso web service (e.g. `127.0.0.1`).
|
|
# This allow for proper remote address resolution based on a
|
|
# `X-Forwarded-For` HTTP header, which is important for the mechanism
|
|
# forbiding several comment votes coming from the same subnet.
|
|
trusted-proxies =
|
|
|
|
|
|
[smtp]
|
|
# Isso can notify you on new comments via SMTP. In the email notification, you
|
|
# also can moderate (=activate or delete) comments.
|
|
|
|
# self-explanatory, optional
|
|
username =
|
|
|
|
# self-explanatory (yes, plain text, create a dedicated account for
|
|
# notifications), optional.
|
|
password =
|
|
|
|
# SMTP server
|
|
host = localhost
|
|
|
|
# SMTP port
|
|
port = 587
|
|
|
|
# use a secure connection to the server, possible values: none, starttls or
|
|
# ssl. Note, that there is no easy way for Python 2.7 and 3.3 to implement
|
|
# certification validation and thus the connection is vulnerable to
|
|
# Man-in-the-Middle attacks. You should definitely use a dedicated SMTP account
|
|
# for Isso in that case.
|
|
security = starttls
|
|
|
|
# recipient address, e.g. your email address
|
|
to =
|
|
|
|
# sender address, e.g. "Foo Bar" <isso@example.tld>
|
|
from =
|
|
|
|
# specify a timeout in seconds for blocking operations like the
|
|
# connection attempt.
|
|
timeout = 10
|
|
|
|
|
|
[guard]
|
|
# Enable basic spam protection features, e.g. rate-limit per IP address (/24
|
|
# for IPv4, /48 for IPv6).
|
|
|
|
# enable guard, recommended in production. Not useful for debugging purposes.
|
|
enabled = true
|
|
|
|
# limit to N new comments per minute.
|
|
ratelimit = 2
|
|
|
|
# how many comments directly to the thread (prevent a simple while true; do
|
|
# curl ...; done.
|
|
direct-reply = 3
|
|
|
|
# allow commenters to reply to their own comments when they could still edit
|
|
# the comment. After the editing timeframe is gone, commenters can reply to
|
|
# their own comments anyways. Do not forget to configure the client.
|
|
reply-to-self = false
|
|
|
|
# force commenters to enter a value into the author field. No validation is
|
|
# performed on the provided value. Do not forget to configure the client
|
|
# accordingly.
|
|
require-author = false
|
|
|
|
# require the commenter to enter an email address (note: no validation is
|
|
# done on the provided address). Do not forget to configure the client.
|
|
require-email = false
|
|
|
|
|
|
[markup]
|
|
# Customize markup and sanitized HTML. Currently, only Markdown (via Misaka) is
|
|
# supported, but new languages are relatively easy to add.
|
|
|
|
# Misaka-specific Markdown extensions, all flags starting with EXT_ can be used
|
|
# there, separated by comma.
|
|
options = strikethrough, autolink, fenced_code, no_intra_emphasis
|
|
|
|
# Misaka-specific HTML rendering flags, all html rendering flags can be used
|
|
# here, separated by comma, either by their name or as HTML_<flag>.
|
|
# Per Misaka's defaults, no flags are set.
|
|
flags =
|
|
|
|
# Additional HTML tags to allow in the generated output, comma-separated. By
|
|
# default, only a, blockquote, br, code, del, em, h1, h2, h3, h4, h5, h6, hr,
|
|
# ins, li, ol, p, pre, strong, table, tbody, td, th, thead and ul are allowed.
|
|
allowed-elements =
|
|
|
|
# Additional HTML attributes (independent from elements) to allow in the
|
|
# generated output, comma-separated. By default, only align and href are
|
|
# allowed.
|
|
allowed-attributes =
|
|
|
|
|
|
[hash]
|
|
# Customize used hash functions to hide the actual email addresses from
|
|
# commenters but still be able to generate an identicon.
|
|
|
|
|
|
# A salt is used to protect against rainbow tables. Isso does not make use of
|
|
# pepper (yet). The default value has been in use since the release of Isso and
|
|
# generates the same identicons for same addresses across installations.
|
|
salt = Eech7co8Ohloopo9Ol6baimi
|
|
|
|
# Hash algorithm to use -- either from Python's hashlib or PBKDF2 (a
|
|
# computational expensive hash function).
|
|
#
|
|
# The actual identifier for PBKDF2 is pbkdf2:1000:6:sha1, which means 1000
|
|
# iterations, 6 bytes to generate and SHA1 as pseudo-random family used for key
|
|
# strengthening. Arguments have to be in that order, but can be reduced to
|
|
# pbkdf2:4096 for example to override the iterations only.
|
|
algorithm = pbkdf2
|
|
|
|
|
|
[rss]
|
|
# Provide an Atom feed for each comment thread for users to subscribe to.
|
|
|
|
# The base URL of pages is needed to build the Atom feed. By appending
|
|
# the URI, we should get the complete URL to use to access the page
|
|
# with the comments. When empty, Atom feeds are disabled.
|
|
base =
|
|
|
|
# Limit the number of elements to return for each thread.
|
|
limit = 100
|