]> git.p6c8.net - jirafeau_mojo42.git/blob - lib/config.original.php
Re-emplementing encryption using Sodium
[jirafeau_mojo42.git] / lib / config.original.php
1 <?php
2 /*
3 * Jirafeau, your web file repository
4 * Copyright (C) 2008 Julien "axolotl" BERNARD <axolotl@magieeternelle.org>
5 * Copyright (C) 2015 Jerome Jutteau <jerome@jutteau.fr>
6 *
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU Affero General Public License as
9 * published by the Free Software Foundation, either version 3 of the
10 * License, or (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU Affero General Public License for more details.
16 *
17 * You should have received a copy of the GNU Affero General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
19 */
20
21 /**
22 * Default configuration
23 *
24 * To overwrite these settings copy the file,
25 * rename it to »config.local.php« and adapt the parameters.
26 **/
27
28 /* URL of installation, with trailing slash (eg. »https://example.com/jirafeau/«)
29 */
30 $cfg['web_root'] = '';
31
32 /* Path to data directory, with trailing slash (eg. »/var/www/data/var_314159265358979323846264«
33 */
34 $cfg['var_root'] = '';
35
36 /* Language - choose between 'auto' or any language located in the /lib/locales/ folder.
37 * The mode »auto« will cause the script to detect the user's browser information
38 * and offer a matching language, or use »en« if it is not available.
39 * Forcing a specific lang will slightly reduce computation time.
40 */
41 $cfg['lang'] = 'auto';
42
43 /* Select a theme - see media folder for available themes
44 */
45 $cfg['style'] = 'courgette';
46 $cfg['dark_style'] = 'dark-courgette';
47
48 /* Name the organisation running this installation, eg. 'ACME'
49 */
50 $cfg['organisation'] = 'ACME';
51
52 /* Provide a contact person for this installation, eg. 'John Doe <doe@example.com>'
53 */
54 $cfg['contactperson'] = '';
55
56 /* Give the installation a title, eg. 'Datahub' or 'John Doe Filehost'
57 */
58 $cfg['title'] = '';
59
60 /* Propose a preview link if file type is previewable
61 */
62 $cfg['preview'] = true;
63
64 /* Enable the encryption feature
65 * By enabling it, file-level deduplication won't work anymore. See FAQ.
66 */
67 $cfg['enable_crypt'] = false;
68
69 /* Length of link reference
70 */
71 $cfg['link_name_length'] = 8;
72
73 /* Upload password(s).
74 * An empty array will disable password authentication.
75 * $cfg['upload_password'] = array(); // No password
76 * $cfg['upload_password'] = array('psw1'); // One password
77 * $cfg['upload_password'] = array('psw1', 'psw2'); // Two passwords
78 */
79 $cfg['upload_password'] = array();
80
81 /* List of IP allowed to upload a file.
82 * If the list is empty, then there is no upload restriction based on IP.
83 * Elements of the list can be a single IP (e.g. "123.45.67.89") or
84 * an IP range (e.g. "123.45.0.0/16").
85 * Note that CIDR notation is available for IPv4 only for the moment.
86 */
87 $cfg['upload_ip'] = array();
88
89 /* List of IP allowed to upload a file without password.
90 * Elements of the list can be a single IP (e.g. "123.45.67.89") or
91 * an IP range (e.g. "123.45.0.0/16").
92 * Note that CIDR notation is available for IPv4 only for the moment.
93 */
94 $cfg['upload_ip_nopassword'] = array();
95
96 /* Password for the admin interface.
97 * An empty password will disable password authentication.
98 * The password is a sha256 hash of the original version.
99 * Example: echo -n "myVerySecretAdminPassword" | sha256sum
100 */
101 $cfg['admin_password'] = '';
102
103 /* If set, let the user be authenticated as administrator.
104 * The user provided here is the user authenticated by HTTP authentication.
105 * Note that Jirafeau does not manage the HTTP login part, it just checks
106 * that the provided user is logged in.
107 * If »admin_password« parameter is set, then the »admin_password« is ignored.
108 */
109 $cfg['admin_http_auth_user'] = '';
110
111 /* List of IP allowed to access the admin interface.
112 * If the list is empty, then there is no admin interface restriction based on IP.
113 * Elements of the list can be a single IP (e.g. "123.45.67.89") or
114 * an IP range (e.g. "123.45.0.0/16").
115 * Note that CIDR notation is available for IPv4 only for the moment.
116 */
117 $cfg['admin_ip'] = array();
118
119 /* Allow user to select different options for file expiration time.
120 * Possible values in array:
121 * 'minute': file is available for one minute
122 * 'hour': file available for one hour
123 * 'day': file available for one day
124 * 'week': file available for one week
125 * 'fortnight': file is available for two weeks
126 * 'month': file is available for one month
127 * 'quarter': file is available for three months
128 * 'year': file available for one year
129 * 'none': unlimited availability
130 */
131 $cfg['availabilities'] = array(
132 'minute' => true,
133 'hour' => true,
134 'day' => true,
135 'week' => true,
136 'fortnight' => true,
137 'month' => true,
138 'quarter' => false,
139 'year' => false,
140 'none' => false
141 );
142
143 /* Set a default value for the expiration time.
144 * The value has to equal one of the enabled options in »availabilities«, e.g. »month«.
145 */
146 $cfg['availability_default'] = 'month';
147
148 /* Give the uploading user the option to have the file
149 * deleted after the first download.
150 */
151 $cfg['one_time_download'] = true;
152
153 /* Set maximal upload size expressed in MB.
154 * »0« means unlimited upload size.
155 */
156 $cfg['maximal_upload_size'] = 0;
157
158 /* Proxy IP
159 * If the installation is behind some reverse proxies, it is possible to set
160 * the allowed proxy IP.
161 * $cfg['proxy_ip'] = array('12.34.56.78');
162 * Jirafeau will then get a visitor's IP from HTTP_X_FORWARDED_FOR
163 * instead of REMOTE_ADDR.
164 */
165 $cfg['proxy_ip'] = array();
166
167 /* File hash
168 * In order to make file deduplication work, files can be hashed through different methods.
169 * To enable file deduplication feature, set this option to `md5`.
170 *
171 * Possible values are 'md5', 'md5_outside' and 'random'.
172 *
173 * With 'md5' option, the whole file is hashed through md5. This is the default.
174 * With 'md5_outside', hash is computed using:
175 * - md5 of the first part of the file,
176 * - md5 of the last part of the file and
177 * - file's size.
178 * This method offer file deduplication at minimal cost but can be dangerous as files with the same partial hash can be mistaken.
179 * With 'random' option, file hash is set to a random value and file deduplication cannot work but it is fast and safe.
180 */
181 $cfg['file_hash'] = 'random';
182
183 /* Work around that LiteSpeed truncates large files when downloading.
184 * Only for use with the LiteSpeed web server!
185 * An internal redirect is made using X-LiteSpeed-Location instead
186 * of streaming the file from PHP.
187 * Limitations:
188 * - The Jirafeau files folder has to be placed under the document root and should be
189 * protected from unauthorized access using rewrite rules.
190 * See https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:config:internal-redirect#protection_from_direct_access
191 * - Incompatible with server side encryption.
192 * - Incompatible with one time download.
193 */
194 $cfg['litespeed_workaround'] = false;
195
196 /* Use the X-Sendfile header which should cause your webserver to handle
197 * the sending of the file. The webserver must be configured to do this
198 * using the mod_xsendfile module in Apache or the appropriate config in
199 * lighttpd. The offload will not happen in the case of server-side encrypted
200 * files, but all other cases should work. Benefits include being able
201 * to resume downloads and seek instantly in media players like VLC or
202 * the Firefox/Discord/Chrome embedded player.
203 */
204 $cfg['use_xsendfile'] = false;
205
206 /* Store uploader's IP along with 'link' file.
207 * Depending of your legislation, you may have to adjust this parameter.
208 */
209 $cfg['store_uploader_ip'] = true;
210
211 /* Required flag to test if the installation is already installed
212 * or needs to start the installation script
213 */
214 $cfg['installation_done'] = false;
215
216 /* Enable this debug flag to allow eventual PHP error reporting.
217 * This is disabled by default permission misconfiguration might generate warnings or errors.
218 * Those warnings can break Jirafeau and also show path to var- folder in debug messages.
219 * var- folder should kept secret and accessing it may lead to data leak if unprotected.
220 */
221 $cfg['debug'] = false;
222
223 /** Set Jirafeau's maximal upload chunk
224 * When Jirafeau upload a large file, Jirafeau sends several data chunks to fit server's capabilities.
225 * Jirafeau tries to upload each data chunk with the maximal size allowed by PHP (post_max_size and upload_max_filesize).
226 * However, too large PHP configuration values are not needed and could induce unwanted side effects (see #303).
227 * This parameter set Jirafeau's own maximal chunk size with a reasonable value.
228 * Option is only used for async uploads and won't be used for browsers without html5 support.
229 * You should not touch this parameter unless you have good reason to do so. Feel free to open an issue to ask questions.
230 * Set to 0 to remove limitation.
231 */
232 $cfg['max_upload_chunk_size_bytes'] = 100000000; // 100MB
233
234 /* Set password requirement policy for downloading files
235 * Possible values:
236 * optional (default): Password may be set by the uploader, but is not mandatory
237 * required: Setting a password is mandatory to upload a file.
238 * generated: Passwords are automatically generated and shown to the uploader, when uploading a file
239 */
240 $cfg['download_password_requirement'] = 'optional';
241
242 /* Set length of generated passwords
243 */
244 $cfg['download_password_gen_len'] = 10;
245
246 /* Set allowed chars for password generation
247 */
248 $cfg['download_password_gen_chars'] = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%&*()_-=+;:,.?';
249 /* Set password complexity policy for downloading files
250 * possible values:
251 * none (default): Passwords for downloading files can be of arbitrary complexity
252 * regex: Passwords are checked with a regex for complexity constraints
253 */
254 $cfg['download_password_policy'] = 'none';
255 /* Set the regex for regex download password policy
256 * Delimiters are need, but modifiers should not be used
257 */
258 $cfg['download_password_policy_regex'] = '/.*/';

patrick-canterino.de