X-Git-Url: https://git.p6c8.net/jirafeau_project.git/blobdiff_plain/d9647e1afea29401470efd68730d2562659be006..33bb6cfe3111b316082336edae43846aaef84f17:/lib/config.original.php?ds=sidebyside diff --git a/lib/config.original.php b/lib/config.original.php index d7c52e2..d8722ac 100644 --- a/lib/config.original.php +++ b/lib/config.original.php @@ -2,7 +2,7 @@ /* * Jirafeau, your web file repository * Copyright (C) 2008 Julien "axolotl" BERNARD - * Copyright (C) 2015 Jerome Jutteau + * Copyright (C) 2015 Jerome Jutteau * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -15,95 +15,185 @@ * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . + * along with this program. If not, see . */ - -/* - * default configuration - * if you want to change this, overwrite in a config.local.php file + +/** + * Default configuration + * + * To overwrite these settings copy the file, + * rename it to »config.local.php« and adapt the parameters. + **/ + +/* URL of installation, with traling slash (eg. »https://exmaple.com/jirafeau/«) */ -global $cfg; - -/* Don't forget the ending '/' */ $cfg['web_root'] = ''; + +/* Path to data directory, with trailing slash (eg. »/var/www/data/var_314159265358979323846264« + */ $cfg['var_root'] = ''; -/* Lang choice between 'auto', 'en' and 'fr'. - * 'auto' mode will take the user's browser informations. - * Will take english if user's langage is not available. +/* Language - choice between 'auto' or any language located in the /lib/locales/ folder. + * The mode »auto« will cause the script to detect the user's browser information + * and offer a matching language, and use »en« if it is not available. + * Forcing to a specific lang lightly reduce lang computation. */ $cfg['lang'] = 'auto'; -/* Select your style :) See media folder */ + +/* Select a theme - see media folder for available themes + */ $cfg['style'] = 'courgette'; -/* Propose a preview link if file type is previewable. */ + +/* Name the organisation running this installation, eg. 'ACME' + */ +$cfg['organisation'] = 'ACME'; + +/* Provide a contact person for this installation, eg. 'John Doe ' + */ +$cfg['contactperson'] = ''; + +/* Give the installation a title, eg. 'Datahub' or 'John Doe Filehost' + */ +$cfg['title'] = ''; + +/* Propose a preview link if file type is previewable + */ $cfg['preview'] = true; -/* Encryption feature. disable it by default. - * By enabling it, file-level deduplication won't work. + +/* Enable the encryption feature + * By enabling it, file-level deduplication won't work anymore. See FAQ. */ $cfg['enable_crypt'] = false; -/* Split length of link refenrece. */ + +/* Length of link reference + */ $cfg['link_name_length'] = 8; -/* Upload password(s). Empty array disable password authentification. + +/* Upload password(s). + * An empty array will disable the password authentification. * $cfg['upload_password'] = array(); // No password * $cfg['upload_password'] = array('psw1'); // One password * $cfg['upload_password'] = array('psw1', 'psw2'); // Two passwords - * ... and so on */ $cfg['upload_password'] = array(); + /* List of IP allowed to upload a file. - * If list is empty, then there is no upload restriction based on IP + * If the list is empty, then there is no upload restriction based on IP. * Elements of the list can be a single IP (e.g. "123.45.67.89") or * an IP range (e.g. "123.45.0.0/16"). * Note that CIDR notation is available for IPv4 only for the moment. */ $cfg['upload_ip'] = array(); -/* An empty admin password will disable the classic admin password - * authentication. + +/* List of IP allowed to upload a file without password. + * Elements of the list can be a single IP (e.g. "123.45.67.89") or + * an IP range (e.g. "123.45.0.0/16"). + * Note that CIDR notation is available for IPv4 only for the moment. + */ +$cfg['upload_ip_nopassword'] = array(); + +/* Password for the admin interface. + * An empty password will disable the password authentification. + * The password is a sha256 hash of the original version. */ $cfg['admin_password'] = ''; -/* If set, let's the user to be authenticated as administrator. + +/* If set, let the user be authenticated as administrator. * The user provided here is the user authenticated by HTTP authentication. - * Note that Jirafeau does not manage the HTTP login part, it just check - * that the provided user is logged. - * If admin_password parameter is also set, admin_password is ignored. + * Note that Jirafeau does not manage the HTTP login part, it just checks + * that the provided user is logged in. + * If »admin_password« parameter is set, then the »admin_password« is ignored. */ $cfg['admin_http_auth_user'] = ''; -/* Select different options for availability of uploaded files. + +/* Allow user to select different options for file expiration time. * Possible values in array: * 'minute': file is available for one minute * 'hour': file available for one hour * 'day': file available for one day * 'week': file available for one week * 'month': file is available for one month + * 'quarter': file is available for three month * 'year': file available for one year * 'none': unlimited availability */ -$cfg['availabilities'] = array ('minute' => true, - 'hour' => true, - 'day' => true, - 'week' => true, - 'month' => true, - 'year' => false, - 'none' => false); +$cfg['availabilities'] = array( + 'minute' => true, + 'hour' => true, + 'day' => true, + 'week' => true, + 'month' => true, + 'quarter' => false, + 'year' => false, + 'none' => false +); + +/* Set a default value for the expiration time. + * The value has to equal one of the enabled options in »availabilities«, e.g. »month«. + */ +$cfg['availability_default'] = 'month'; + +/* Give the uploading user the option to have the file + * deleted after the first download. + */ +$cfg['one_time_download'] = true; + /* Set maximal upload size expressed in MB. - * 0 mean unlimited upload size. + * »0« means unlimited upload size. */ $cfg['maximal_upload_size'] = 0; -/* If your Jirafeau is behind some reverse proxies, you can set there IPs - * so Jirafeau get visitor's IP from HTTP_X_FORWARDED_FOR instead of - * REMOTE_ADDR. - * for example: + +/* Proxy IP + * If the installation is behind some reverse proxies, it is possible to set + * the allowed proxy IP. * $cfg['proxy_ip'] = array('12.34.56.78'); + * Jirafeau will then get a visitor's IP from HTTP_X_FORWARDED_FOR + * instead of REMOTE_ADDR. */ $cfg['proxy_ip'] = array(); -/* Installation is done ? */ -$cfg['installation_done'] = false; -/* Try to include user's local configuration. */ -if ((basename (__FILE__) != 'config.local.php') - && file_exists (JIRAFEAU_ROOT.'lib/config.local.php')) -{ - require (JIRAFEAU_ROOT.'lib/config.local.php'); -} +/* File hash + * In order to make file deduplication work, files can be hashed through different methods. + * By default, files are hashed through md5 but other methods are available. + * + * Possible values are 'md5', 'md5_outside' and 'random'. + * + * With 'md5' option, the whole file is hashed through md5. This is the default. + * With 'md5_outside', hash is computed using: + * - md5 of the first part of the file, + * - md5 of the last part of the file and + * - file's size. + * This method offer file deduplication at minimal cost but can be dangerous as files with the same partial hash can be mistaken. + * With 'random' option, file hash is set to a random value and file deduplication cannot work anymore but it is fast and safe. + */ +$cfg['file_hash'] = 'md5'; -?> +/* Work around that LiteSpeed truncates large files when downloading. + * Only for use with the LiteSpeed web server! + * An internal redirect is made using X-LiteSpeed-Location instead + * of streaming the file from PHP. + * Limitations: + * - The Jirafeau files folder has to be placed under the document root and should be + * protected from unauthorized access using rewrite rules. + * See https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:config:internal-redirect#protection_from_direct_access + * - Incompatible with server side encryption. + * - Incompatible with one time download. + */ +$cfg['litespeed_workaround'] = false; + +/* Store uploader's IP along with 'link' file. + * Depending of your legislation, you may have to adjust this parameter. + */ +$cfg['store_uploader_ip'] = true; + +/* Required flag to test if the installation is already installed + * or needs to start the installation script + */ +$cfg['installation_done'] = false; + +/* Enable this debug flag to allow eventual PHP error reporting. + * This is disabled by default permission misconfiguration might generate warnings or errors. + * Those warnings can break Jirafeau and also show path to var- folder in debug messages. + * var- folder should kept secret and accessing it may lead to data leak if unprotected. + */ +$cfg['debug'] = false;