mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-12-01 18:24:51 -05:00
651db60985
As we noticed in our poll about CDN usage, that most people intentionally turn it off, but very little intetionally turn it on or leave it on. [1] There is also strong indicators that CDNs don't really provide any benefits in loading time and due to the small deployments of CodiMD, there is no big savings due to CDNs either. [2] Therefore this patch changes the CDN default settings to off in order to reduce the exposed user data. [1]: https://community.codimd.org/t/poll-on-cdn-usage/28 [2]: https://csswizardry.com/2019/05/self-host-your-static-assets/ Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
176 lines
4.4 KiB
JavaScript
176 lines
4.4 KiB
JavaScript
'use strict'
|
|
|
|
const os = require('os')
|
|
|
|
module.exports = {
|
|
domain: '',
|
|
urlPath: '',
|
|
host: '0.0.0.0',
|
|
port: 3000,
|
|
loglevel: 'info',
|
|
urlAddPort: false,
|
|
allowOrigin: ['localhost'],
|
|
useSSL: false,
|
|
hsts: {
|
|
enable: true,
|
|
maxAgeSeconds: 60 * 60 * 24 * 365,
|
|
includeSubdomains: true,
|
|
preload: true
|
|
},
|
|
csp: {
|
|
enable: true,
|
|
directives: {
|
|
},
|
|
addDefaults: true,
|
|
addDisqus: true,
|
|
addGoogleAnalytics: true,
|
|
upgradeInsecureRequests: 'auto',
|
|
reportURI: undefined
|
|
},
|
|
protocolUseSSL: false,
|
|
useCDN: false,
|
|
allowAnonymous: true,
|
|
allowAnonymousEdits: false,
|
|
allowFreeURL: false,
|
|
forbiddenNoteIDs: ['robots.txt', 'favicon.ico', 'api', 'build', 'css', 'docs', 'fonts', 'js', 'uploads', 'vendor', 'views'],
|
|
defaultPermission: 'editable',
|
|
dbURL: '',
|
|
db: {},
|
|
// ssl path
|
|
sslKeyPath: '',
|
|
sslCertPath: '',
|
|
sslCAPath: '',
|
|
dhParamPath: '',
|
|
// other path
|
|
viewPath: './public/views',
|
|
tmpPath: os.tmpdir(),
|
|
defaultNotePath: './public/default.md',
|
|
docsPath: './public/docs',
|
|
uploadsPath: './public/uploads',
|
|
// session
|
|
sessionName: 'connect.sid',
|
|
sessionSecret: 'secret',
|
|
sessionSecretLen: 128,
|
|
sessionLife: 14 * 24 * 60 * 60 * 1000, // 14 days
|
|
staticCacheTime: 1 * 24 * 60 * 60 * 1000, // 1 day
|
|
// socket.io
|
|
heartbeatInterval: 5000,
|
|
heartbeatTimeout: 10000,
|
|
// too busy timeout
|
|
tooBusyLag: 70,
|
|
// document
|
|
documentMaxLength: 100000,
|
|
// image upload setting, available options are imgur/s3/filesystem/azure/lutim
|
|
imageUploadType: 'filesystem',
|
|
lutim: {
|
|
url: 'https://framapic.org/'
|
|
},
|
|
imgur: {
|
|
clientID: undefined
|
|
},
|
|
s3: {
|
|
accessKeyId: undefined,
|
|
secretAccessKey: undefined,
|
|
region: undefined
|
|
},
|
|
minio: {
|
|
accessKey: undefined,
|
|
secretKey: undefined,
|
|
endPoint: undefined,
|
|
secure: true,
|
|
port: 9000
|
|
},
|
|
s3bucket: undefined,
|
|
azure: {
|
|
connectionString: undefined,
|
|
container: undefined
|
|
},
|
|
// authentication
|
|
oauth2: {
|
|
providerName: undefined,
|
|
authorizationURL: undefined,
|
|
tokenURL: undefined,
|
|
clientID: undefined,
|
|
clientSecret: undefined
|
|
},
|
|
facebook: {
|
|
clientID: undefined,
|
|
clientSecret: undefined
|
|
},
|
|
twitter: {
|
|
consumerKey: undefined,
|
|
consumerSecret: undefined
|
|
},
|
|
github: {
|
|
clientID: undefined,
|
|
clientSecret: undefined
|
|
},
|
|
gitlab: {
|
|
baseURL: undefined,
|
|
clientID: undefined,
|
|
clientSecret: undefined,
|
|
scope: undefined,
|
|
version: 'v4'
|
|
},
|
|
mattermost: {
|
|
baseURL: undefined,
|
|
clientID: undefined,
|
|
clientSecret: undefined
|
|
},
|
|
dropbox: {
|
|
clientID: undefined,
|
|
clientSecret: undefined,
|
|
appKey: undefined
|
|
},
|
|
google: {
|
|
clientID: undefined,
|
|
clientSecret: undefined,
|
|
hostedDomain: undefined
|
|
},
|
|
ldap: {
|
|
providerName: undefined,
|
|
url: undefined,
|
|
bindDn: undefined,
|
|
bindCredentials: undefined,
|
|
searchBase: undefined,
|
|
searchFilter: undefined,
|
|
searchAttributes: undefined,
|
|
usernameField: undefined,
|
|
useridField: undefined,
|
|
tlsca: undefined
|
|
},
|
|
saml: {
|
|
idpSsoUrl: undefined,
|
|
idpCert: undefined,
|
|
issuer: undefined,
|
|
identifierFormat: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
|
|
disableRequestedAuthnContext: false,
|
|
groupAttribute: undefined,
|
|
externalGroups: [],
|
|
requiredGroups: [],
|
|
attribute: {
|
|
id: undefined,
|
|
username: undefined,
|
|
email: undefined
|
|
}
|
|
},
|
|
email: true,
|
|
allowEmailRegister: true,
|
|
allowGravatar: true,
|
|
allowPDFExport: true,
|
|
openID: false,
|
|
// linkifyHeaderStyle - How is a header text converted into a link id.
|
|
// Header Example: "3.1. Good Morning my Friend! - Do you have 5$?"
|
|
// * 'keep-case' is the legacy CodiMD value.
|
|
// Generated id: "31-Good-Morning-my-Friend---Do-you-have-5"
|
|
// * 'lower-case' is the same like legacy (see above), but converted to lower-case.
|
|
// Generated id: "#31-good-morning-my-friend---do-you-have-5"
|
|
// * 'gfm' _GitHub-Flavored Markdown_ style as described here:
|
|
// https://gist.github.com/asabaylus/3071099#gistcomment-1593627
|
|
// It works like 'lower-case', but making sure the ID is unique.
|
|
// This is What GitHub, GitLab and (hopefully) most other tools use.
|
|
// Generated id: "31-good-morning-my-friend---do-you-have-5"
|
|
// 2nd appearance: "31-good-morning-my-friend---do-you-have-5-1"
|
|
// 3rd appearance: "31-good-morning-my-friend---do-you-have-5-2"
|
|
linkifyHeaderStyle: 'keep-case'
|
|
}
|