You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

322 lines
12 KiB

  1. /* globals module */
  2. /* DISCLAIMER:
  3. There are two recommended methods of running a CryptPad instance:
  4. 1. Using a standalone nodejs server without HTTPS (suitable for local development)
  5. 2. Using NGINX to serve static assets and to handle HTTPS for API server's websocket traffic
  6. We do not officially recommend or support Apache, Docker, Kubernetes, Traefik, or any other configuration.
  7. Support requests for such setups should be directed to their authors.
  8. If you're having difficulty difficulty configuring your instance
  9. we suggest that you join the project's IRC/Matrix channel.
  10. If you don't have any difficulty configuring your instance and you'd like to
  11. support us for the work that went into making it pain-free we are quite happy
  12. to accept donations via our opencollective page: https://opencollective.com/cryptpad
  13. */
  14. module.exports = {
  15. /* CryptPad is designed to serve its content over two domains.
  16. * Account passwords and cryptographic content is handled on the 'main' domain,
  17. * while the user interface is loaded on a 'sandbox' domain
  18. * which can only access information which the main domain willingly shares.
  19. *
  20. * In the event of an XSS vulnerability in the UI (that's bad)
  21. * this system prevents attackers from gaining access to your account (that's good).
  22. *
  23. * Most problems with new instances are related to this system blocking access
  24. * because of incorrectly configured sandboxes. If you only see a white screen
  25. * when you try to load CryptPad, this is probably the cause.
  26. *
  27. * PLEASE READ THE FOLLOWING COMMENTS CAREFULLY.
  28. *
  29. */
  30. /* httpUnsafeOrigin is the URL that clients will enter to load your instance.
  31. * Any other URL that somehow points to your instance is supposed to be blocked.
  32. * The default provided below assumes you are loading CryptPad from a server
  33. * which is running on the same machine, using port 3000.
  34. *
  35. * In a production instance this should be available ONLY over HTTPS
  36. * using the default port for HTTPS (443) ie. https://cryptpad.fr
  37. * In such a case this should be handled by NGINX, as documented in
  38. * cryptpad/docs/example.nginx.conf (see the $main_domain variable)
  39. *
  40. */
  41. httpUnsafeOrigin: 'http://localhost:3000/',
  42. /* httpSafeOrigin is the URL that is used for the 'sandbox' described above.
  43. * If you're testing or developing with CryptPad on your local machine then
  44. * it is appropriate to leave this blank. The default behaviour is to serve
  45. * the main domain over port 3000 and to serve the content over port 3001.
  46. *
  47. * This is not appropriate in a production environment where invasive networks
  48. * may filter traffic going over abnormal ports.
  49. * To correctly configure your production instance you must provide a URL
  50. * with a different domain (a subdomain is sufficient).
  51. * It will be used to load the UI in our 'sandbox' system.
  52. *
  53. * This value corresponds to the $sandbox_domain variable
  54. * in the example nginx file.
  55. *
  56. * CUSTOMIZE AND UNCOMMENT THIS FOR PRODUCTION INSTALLATIONS.
  57. */
  58. // httpSafeOrigin: "https://some-other-domain.xyz",
  59. /* httpAddress specifies the address on which the nodejs server
  60. * should be accessible. By default it will listen on 127.0.0.1
  61. * (IPv4 localhost on most systems). If you want it to listen on
  62. * all addresses, including IPv6, set this to '::'.
  63. *
  64. */
  65. //httpAddress: '::',
  66. /* httpPort specifies on which port the nodejs server should listen.
  67. * By default it will serve content over port 3000, which is suitable
  68. * for both local development and for use with the provided nginx example,
  69. * which will proxy websocket traffic to your node server.
  70. *
  71. */
  72. //httpPort: 3000,
  73. /* httpSafePort allows you to specify an alternative port from which
  74. * the node process should serve sandboxed assets. The default value is
  75. * that of your httpPort + 1. You probably don't need to change this.
  76. *
  77. */
  78. //httpSafePort: 3001,
  79. /* CryptPad will launch a child process for every core available
  80. * in order to perform CPU-intensive tasks in parallel.
  81. * Some host environments may have a very large number of cores available
  82. * or you may want to limit how much computing power CryptPad can take.
  83. * If so, set 'maxWorkers' to a positive integer.
  84. */
  85. // maxWorkers: 4,
  86. /* =====================
  87. * Admin
  88. * ===================== */
  89. /*
  90. * CryptPad contains an administration panel. Its access is restricted to specific
  91. * users using the following list.
  92. * To give access to the admin panel to a user account, just add their user id,
  93. * which can be found on the settings page for registered users.
  94. * Entries should be strings separated by a comma.
  95. */
  96. /*
  97. adminKeys: [
  98. //"https://my.awesome.website/user/#/1/cryptpad-user1/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=",
  99. ],
  100. */
  101. /* CryptPad's administration panel includes a "support" tab
  102. * wherein administrators with a secret key can view messages
  103. * sent from users via the encrypted forms on the /support/ page
  104. *
  105. * To enable this functionality:
  106. * run `node ./scripts/generate-admin-keys.js`
  107. * save the public key in your config in the value below
  108. * add the private key via the admin panel
  109. * and back it up in a secure manner
  110. *
  111. */
  112. // supportMailboxPublicKey: "",
  113. /* We're very proud that CryptPad is available to the public as free software!
  114. * We do, however, still need to pay our bills as we develop the platform.
  115. *
  116. * By default CryptPad will prompt users to consider donating to
  117. * our OpenCollective campaign. We publish the state of our finances periodically
  118. * so you can decide for yourself whether our expenses are reasonable.
  119. *
  120. * You can disable any solicitations for donations by setting 'removeDonateButton' to true,
  121. * but we'd appreciate it if you didn't!
  122. */
  123. //removeDonateButton: false,
  124. /* CryptPad will display a point of contact for your instance on its contact page
  125. * (/contact.html) if you provide it below.
  126. */
  127. adminEmail: 'i.did.not.read.my.config@cryptpad.fr',
  128. /*
  129. * By default, CryptPad contacts one of our servers once a day.
  130. * This check-in will also send some very basic information about your instance including its
  131. * version and the adminEmail so we can reach you if we are aware of a serious problem.
  132. * We will never sell it or send you marketing mail.
  133. *
  134. * If you want to block this check-in and remain set 'blockDailyCheck' to true.
  135. */
  136. //blockDailyCheck: false,
  137. /*
  138. * By default users get 50MB of storage by registering on an instance.
  139. * You can set this value to whatever you want.
  140. *
  141. * hint: 50MB is 50 * 1024 * 1024
  142. */
  143. //defaultStorageLimit: 50 * 1024 * 1024,
  144. /* =====================
  145. * STORAGE
  146. * ===================== */
  147. /* Pads that are not 'pinned' by any registered user can be set to expire
  148. * after a configurable number of days of inactivity (default 90 days).
  149. * The value can be changed or set to false to remove expiration.
  150. * Expired pads can then be removed using a cron job calling the
  151. * `evict-inactive.js` script with node
  152. *
  153. * defaults to 90 days if nothing is provided
  154. */
  155. //inactiveTime: 90, // days
  156. /* CryptPad archives some data instead of deleting it outright.
  157. * This archived data still takes up space and so you'll probably still want to
  158. * remove these files after a brief period.
  159. *
  160. * cryptpad/scripts/evict-inactive.js is intended to be run daily
  161. * from a crontab or similar scheduling service.
  162. *
  163. * The intent with this feature is to provide a safety net in case of accidental
  164. * deletion. Set this value to the number of days you'd like to retain
  165. * archived data before it's removed permanently.
  166. *
  167. * defaults to 15 days if nothing is provided
  168. */
  169. //archiveRetentionTime: 15,
  170. /* Max Upload Size (bytes)
  171. * this sets the maximum size of any one file uploaded to the server.
  172. * anything larger than this size will be rejected
  173. * defaults to 20MB if no value is provided
  174. */
  175. //maxUploadSize: 20 * 1024 * 1024,
  176. /*
  177. * CryptPad allows administrators to give custom limits to their friends.
  178. * add an entry for each friend, identified by their user id,
  179. * which can be found on the settings page. Include a 'limit' (number of bytes),
  180. * a 'plan' (string), and a 'note' (string).
  181. *
  182. * hint: 1GB is 1024 * 1024 * 1024 bytes
  183. */
  184. /*
  185. customLimits: {
  186. "https://my.awesome.website/user/#/1/cryptpad-user1/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=": {
  187. limit: 20 * 1024 * 1024 * 1024,
  188. plan: 'insider',
  189. note: 'storage space donated by my.awesome.website'
  190. },
  191. "https://my.awesome.website/user/#/1/cryptpad-user2/GdflkgdlkjeworijfkldfsdflkjeEAsdlEnkbx1vVOo=": {
  192. limit: 10 * 1024 * 1024 * 1024,
  193. plan: 'insider',
  194. note: 'storage space donated by my.awesome.website'
  195. }
  196. },
  197. */
  198. /* Users with premium accounts (those with a plan included in their customLimit)
  199. * can benefit from an increased upload size limit. By default they are restricted to the same
  200. * upload size as any other registered user.
  201. *
  202. */
  203. //premiumUploadSize: 100 * 1024 * 1024,
  204. /* =====================
  205. * DATABASE VOLUMES
  206. * ===================== */
  207. /*
  208. * CryptPad stores each document in an individual file on your hard drive.
  209. * Specify a directory where files should be stored.
  210. * It will be created automatically if it does not already exist.
  211. */
  212. filePath: './datastore/',
  213. /* CryptPad offers the ability to archive data for a configurable period
  214. * before deleting it, allowing a means of recovering data in the event
  215. * that it was deleted accidentally.
  216. *
  217. * To set the location of this archive directory to a custom value, change
  218. * the path below:
  219. */
  220. archivePath: './data/archive',
  221. /* CryptPad allows logged in users to request that particular documents be
  222. * stored by the server indefinitely. This is called 'pinning'.
  223. * Pin requests are stored in a pin-store. The location of this store is
  224. * defined here.
  225. */
  226. pinPath: './data/pins',
  227. /* if you would like the list of scheduled tasks to be stored in
  228. a custom location, change the path below:
  229. */
  230. taskPath: './data/tasks',
  231. /* if you would like users' authenticated blocks to be stored in
  232. a custom location, change the path below:
  233. */
  234. blockPath: './block',
  235. /* CryptPad allows logged in users to upload encrypted files. Files/blobs
  236. * are stored in a 'blob-store'. Set its location here.
  237. */
  238. blobPath: './blob',
  239. /* CryptPad stores incomplete blobs in a 'staging' area until they are
  240. * fully uploaded. Set its location here.
  241. */
  242. blobStagingPath: './data/blobstage',
  243. /* CryptPad supports logging events directly to the disk in a 'logs' directory
  244. * Set its location here, or set it to false (or nothing) if you'd rather not log
  245. */
  246. logPath: './data/logs',
  247. /* =====================
  248. * Debugging
  249. * ===================== */
  250. /* CryptPad can log activity to stdout
  251. * This may be useful for debugging
  252. */
  253. logToStdout: false,
  254. /* CryptPad can be configured to log more or less
  255. * the various settings are listed below by order of importance
  256. *
  257. * silly, verbose, debug, feedback, info, warn, error
  258. *
  259. * Choose the least important level of logging you wish to see.
  260. * For example, a 'silly' logLevel will display everything,
  261. * while 'info' will display 'info', 'warn', and 'error' logs
  262. *
  263. * This will affect both logging to the console and the disk.
  264. */
  265. logLevel: 'info',
  266. /* clients can use the /settings/ app to opt out of usage feedback
  267. * which informs the server of things like how much each app is being
  268. * used, and whether certain clientside features are supported by
  269. * the client's browser. The intent is to provide feedback to the admin
  270. * such that the service can be improved. Enable this with `true`
  271. * and ignore feedback with `false` or by commenting the attribute
  272. *
  273. * You will need to set your logLevel to include 'feedback'. Set this
  274. * to false if you'd like to exclude feedback from your logs.
  275. */
  276. logFeedback: false,
  277. /* CryptPad supports verbose logging
  278. * (false by default)
  279. */
  280. verbose: false,
  281. };