/*
* Jirafeau, your web file repository
* Copyright (C) 2008 Julien "axolotl" BERNARD <axolotl@magieeternelle.org>
- * Copyright (C) 2015 Jerome Jutteau <j.jutteau@gmail.com>
+ * Copyright (C) 2015 Jerome Jutteau <jerome@jutteau.fr>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
*/
$cfg['availability_default'] = 'month';
+/* Give the uploading user the option to have the file
+ * deleted after the first download.
+ */
+$cfg['one_time_download'] = true;
+
/* Set maximal upload size expressed in MB.
* »0« means unlimited upload size.
*/
/* File hash
* In order to make file deduplication work, files can be hashed through different methods.
* By default, files are hashed through md5 but other methods are available.
- * Possible values are 'md5' and 'md5_outside'.
+ *
+ * Possible values are 'md5', 'md5_outside' and 'random'.
+ *
* With 'md5' option, the whole file is hashed through md5. This is the default.
- * With 'md5_outside', md5 is used to hash the first part of the file, the last part of the file
- * and the file's size. This method is fast for large files but cannot be perfect.
+ * With 'md5_outside', hash is computed using:
+ * - md5 of the first part of the file,
+ * - md5 of the last part of the file and
+ * - file's size.
+ * This method offer file deduplication at minimal cost but can be dangerous as files with the same partial hash can be mistaken.
+ * With 'random' option, file hash is set to a random value and file deduplication cannot work anymore but it is fast and safe.
*/
$cfg['file_hash'] = 'md5';
+/* Work around that LiteSpeed truncates large files when downloading.
+ * Only for use with the LiteSpeed web server!
+ * An internal redirect is made using X-LiteSpeed-Location instead
+ * of streaming the file from PHP.
+ * Limitations:
+ * - The Jirafeau files folder has to be placed under the document root and should be
+ * protected from unauthorized access using rewrite rules.
+ * See https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:config:internal-redirect#protection_from_direct_access
+ * - Incompatible with server side encryption.
+ * - Incompatible with one time download.
+ */
+$cfg['litespeed_workaround'] = false;
+
/* Required flag to test if the installation is already installed
* or needs to start the installation script
*/
$cfg['installation_done'] = false;
+
+/* Enable this debug flag to allow eventual PHP error reporting.
+ * This is disabled by default permission misconfiguration might generate warnings or errors.
+ * Those warnings can break Jirafeau and also show path to var- folder in debug messages.
+ * var- folder should kept secret and accessing it may lead to data leak if unprotected.
+ */
+$cfg['debug'] = false;