File: diaspora.yml

package info (click to toggle)
diaspora-installer 0.7.6.1+debian1
  • links: PTS, VCS
  • area: contrib
  • in suites: bullseye, buster, sid
  • size: 456 kB
  • sloc: sh: 895; makefile: 8
file content (633 lines) | stat: -rw-r--r-- 24,162 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
## Some notes about this file:
## - All comments start with a double #
## - All settings are commented out with a single #
##   To change the default settings, you need both to uncomment the lines
##   AND, in most cases, to change the value that is given.
## - Take care to keep proper indentation, that is by simply deleting
##   the original #, with no additional space before the setting's name.
## - Take care to keep proper quoting. All ' must have a matching ' at
##   the end of the same line. The same goes for "
## - Lines containing "## Section" are section headings. Do not edit them!
## - Lists need the space after the -
## - The values true, false and numbers should have no quote marks.
##   Single words don't need quote marks, but it doesn't do any harm to have them.
##
## You can set and/or override all these settings through environment variables
## with the following conversion rules:
## - Strip the top level namespace (configuration, production, etc.)
## - Build the path to the setting, for example environment.s3.enable
## - Replace the dots with underscores: environment_s3_enable
## - Convert to upper case: ENVIRONMENT_S3_ENABLE
## - Specify lists/arrays as comma-separated values
##
## - For example, on Heroku:
##   heroku config:set SERVICES_FACEBOOK_APP_ID=yourappid SERVICES_FACEBOOK_SECRET=yourappsecret

configuration: ## Section

  ## You need to change or at least review the settings in this section
  ## in order for your pod to work.
  environment: ## Section

    ## Set the hostname of the machine you're running Diaspora on, as seen
    ## from the internet. This should be the URL you want to use to
    ## access the pod. So if you plan to use a reverse proxy, it should be
    ## the URL the proxy listens on. DO NOT CHANGE THIS AFTER INITIAL SETUP!
    ## However changing http to https is okay and has no consequences.
    ## If you do change the URL, you will have to start again as the URL
    ## will be hardcoded into the database.
    #url: "https://example.org/"

    ## Set the bundle of certificate authorities (CA) certificates.
    ## This is specific to your operating system.
    ## Examples (uncomment the relevant one or add your own):
    ## For Debian, Ubuntu, Archlinux, Gentoo (package ca-certificates):
    certificate_authorities: '/etc/ssl/certs/ca-certificates.crt'
    ## For CentOS, Fedora:
    #certificate_authorities: '/etc/pki/tls/certs/ca-bundle.crt'

    ## URL for a remote Redis (default=localhost).
    ## Don't forget to restrict IP access if you uncomment these!
    #redis: 'redis://example_host'
    #redis: 'redis://username:password@host:6379/0'
    #redis: 'unix:///tmp/redis.sock'

    ## Require SSL (default=true).
    ## When set, your pod will force the use of HTTPS in production mode.
    ## Since OAuth2 requires SSL, Diaspora's future API might not work if
    ## you're not using SSL. Also there is no guarantee that posting to
    ## services will be possible if SSL is disabled.
    ## Do not change this default unless you are sure!
    #require_ssl: true

    ## Single-process mode (default=false).
    ## If set to true, Diaspora will work with just the appserver (Unicorn by
    ## default) running. However, this makes it quite slow as intensive jobs
    ## must be run all the time inside the request cycle. We strongly
    ## recommended you leave this disabled for production setups.
    ## Set to true to enable.
    #single_process_mode: false

    ## Sidekiq - background processing
    sidekiq: ## Section

      ## Number of parallel threads Sidekiq uses (default=5).
      ## If you touch this, please set the pool setting in your database.yml
      ## to a value that's at minimum close to this! You can safely increase
      ## it to 25 and more on a medium-sized pod. This applies per started
      ## Sidekiq worker, so if you set it to 25 and start two workers, you'll
      ## process up to 50 jobs in parallel.
      #concurrency: 5

      ## Number of times a job is retried (default=10).
      ## There's an exponential effect to this: if you set this too high you
      ## might get too many jobs building up in the queue.
      ## Set it to false to disable it completely.
      #retry: 10

      ## Namespace to use in Redis. Useful if you need to run
      ## multiple instances of Diaspora using the same Redis instance.
      #namespace: "diaspora"

      ## Lines of backtrace that are stored on failure (default=15).
      ## Set n to the required value. Set this to false to reduce memory
      ## usage (and log size) if you're not interested in this data.
      #backtrace: 15

      ## Log file for Sidekiq (default="log/sidekiq.log")
      #log: "log/sidekiq.log"

    ## Use Amazon S3 instead of your local filesystem
    ## to handle uploaded pictures (disabled by default).
    s3: ## Section

      #enable: true
      #key: 'change_me'
      #secret: 'change_me'
      #bucket: 'my_photos'
      #region: 'us-east-1'

      ## Use max-age header on Amazon S3 resources (default=true).
      ## When true, this allows locally cached images to be served for up to
      ## one year. This can improve load speed and save requests to the image
      ## host. Set to false to revert to browser defaults (usually less than
      ## one year).
      #cache : true

    ## Set redirect URL for an external image host (Amazon S3 or other).
    ## If hosting images for your pod on an external server (even your own),
    ## add its URL here. All requests made to images under /uploads/images
    ## will be redirected to https://yourhost.tld/uploads/images/
    #image_redirect_url: 'https://images.example.org'

    assets: ## Section

      ## Serve static assets via the appserver (default=false).
      ## This is highly discouraged for production use. Let your reverse
      ## proxy/webserver do it by serving the files under public/ directly.
      #serve: false

      ## Upload your assets to S3 (default=false).
      #upload: false

      ## Specify an asset host. Ensure it does not have a trailing slash (/).
      #host: http://cdn.example.org/diaspora

    ## Pubsub server (default='https://pubsubhubbub.appspot.com/').
    ## Diaspora is only tested against the default pubsub server.
    ## You probably don't want to uncomment or change this.
    #pubsub_server: 'https://pubsubhubbub.appspot.com/'

  ## Settings affecting how ./script/server behaves.
  server: ## Section

    ## The port on which the appserver should listen (default=3000).
    #port: 3000

    ## Rails environment (default='development').
    ## The environment in which the server should be started by default.
    ## Change this to 'production' if you wish to run a production environment.
    #rails_environment: 'development'

    ## Write unicorn stderr and stdout log.
    #stderr_log: '/usr/local/app/diaspora/log/unicorn-stderr.log'
    #stdout_log: '/usr/local/app/diaspora/log/unicorn-stdout.log'

    ## Number of Unicorn worker processes (default=2).
    ## Increase this if you have many users.
    #unicorn_worker: 2

    ## Number of seconds before a request is aborted (default=90).
    ## Increase if you get empty responses, or if large image uploads fail.
    ## Decrease if you're under heavy load and don't care if some
    ## requests fail.
    #unicorn_timeout: 90

    ## Embed a Sidekiq worker inside the unicorn process (default=false).
    ## Useful for minimal Heroku setups.
    #embed_sidekiq_worker: false

    ## Number of Sidekiq worker processes (default=1).
    ## In most cases it is better to
    ## increase environment.sidekiq.concurrency instead!
    #sidekiq_workers: 1

  ## Diaspora has an internal XMPP server. If you want to enable the chat
  ## functionality or want to use a custom XMPP server, then you should edit
  ## the following configuration.
  ##
  ## The internal XMPP server does not support https
  ## and even if we implement it, we would ran into certificate issues.
  ## The problem with mixed-content is described here:
  ## https://github.com/Zauberstuhl/diaspora/issues/6
  ##
  ## The easiest way of avoiding certificate and mixed-content issues
  ## is to use a proxy, e.g.:
  ##
  ## Apache: https://gist.github.com/Zauberstuhl/2d09330961614b12b642
  ## Nginx: https://gist.github.com/Zauberstuhl/ee95e1eacefa6ddbec6e
  ##
  ## If you configured your proxy correctly, you should adjust
  ## the configuration in the BOSH section.
  chat: ## Section

    ## Enable the chat service and all its components.
    #enabled: true

    ## Custom XMPP server configuration goes here.
    server: ## Section

      ## Start built-in XMPP server (default=true).
      ## In case you want to run your own server, you should disable it.
      #enabled: false

      ## Set the directory in which to look for virtual hosts'
      ## TLS certificates.
      #certs: 'config/vines'

      ## The server accepts by default only valid certificates.
      ## Any connection which uses self-signed ones will be closed.
      ## If you'd like to accept self-signed certificates
      ## on your server, set the next option to true.
      #accept_self_signed: true

      ## Only edit the next option if you'd like to deny
      ## your users to exchange messages between other XMPP servers.
      #cross_domain_messages: false

      ## Set the maximum of offline messages stored per user (default=150).
      ## If it exceeds, it will start deleting old messages. You can disable
      ## offline message support completely by setting the option to zero.
      #max_offline_msgs: 150

      ## Client to server
      c2s: ## Section

        ## Configure the address that vines should listen on.
        #address: '0.0.0.0'

        ## Configure the client-to-server port.
        #port: 5222

        ## The maximum we'd like to allow for stanza size.
        #max_stanza_size: 65536

        ## The max_resources_per_account attribute, limits how many
        ## concurrent connections one user can have to the server.
        #max_resources_per_account: 5

      ## Server to server
      s2s: ## Section

        ## Configure the address that vines should listen on.
        #address: '0.0.0.0'

        ## Configure the server-to-server port.
        #port: 5269

        ## The max_stanza_size attribute should be
        ## much larger than the setting for client-to-server.
        #max_stanza_size: 131072

        ## By default every XMPP server with a valid certificate
        ## is able to communicate with your server. In case of a
        ## malicious server (e.g. spam reason), you can black-list them.
        #blacklist:
        #  - 'example.com'
        #  - 'malicous.net'

      ## XEP-0124 BOSH requests
      bosh: ## Section

        ## If you'd like to use a proxy, you should set the proxy
        ## option to true, otherwise jsxc always tries to
        ## connect directly to the port specified below.
        #proxy: true

        ## Configure the address that vines should listen on.
        #address: '0.0.0.0'

        ## Configure the BOSH port.
        #port: 5280

        ## Configure the bind endpoint.
        #bind: '/http-bind'

        ## The maximum we'd like to allow for stanza size.
        #max_stanza_size: 65536

        ## The max_resources_per_account attribute, limits how many
        ## concurrent connections one user can have to the server.
        #max_resources_per_account: 5

      ## Specify log behaviour here.
      log: ## Section

        ## Log file location.
        #file: 'log/vines.log'

        ## Set the logging level to debug, info, warn, error, or fatal.
        ## The debug level logs all XML sent and received by the server.
        #level: 'info'

  ## Settings potentially affecting the privacy of your users.
  privacy: ## Section

    ## Include jQuery from jquery.com's CDN (default=false).
    ## Enabling this can reduce traffic and speed up load time since most
    ## clients already have this one cached. When set to false (the default),
    ## the jQuery library will be loaded from your pod's own resources.
    #jquery_cdn: false

    ## Google Analytics (disabled by default).
    ## Provide a key to enable tracking by Google Analytics.
    #google_analytics_key:

    ## Piwik Tracking (disabled by default).
    ## Provide a site ID and the host piwik is running on to enable
    ## tracking through Piwik.
    piwik: ## Section

      #enable: true
      #host: 'stats.example.org'
      #site_id: 1

    ## Mixpanel event tracking (disabled by default).
    #mixpanel_uid:

    ## Chartbeat tracking (disabled by default).
    #chartbeat_uid:

    ## Statistics
    ## Your pod will report its name, software version and whether
    ## or not registrations are open via /statistics.json.
    ## Uncomment the options below to enable more statistics.
    statistics: ## Section

      ## Local user total and 6 month active counts.
      #user_counts: true

      ## Local post total count.
      #post_counts: true
      #comment_counts: true

    ## Use Camo to proxy embedded remote images.
    ## Do not enable this setting unless you have a working Camo setup. Using
    ## camo to proxy embedded images will improve the privacy and security of
    ## your pod's frontend, but it will increase the traffic on your server.
    ## Check out https://wiki.diasporafoundation.org/Installation/Camo for
    ## more details and installation instructions.
    camo: ## Section

      ## Proxy images embedded via markdown (default=false).
      ## Embedded images are quite often from non-SSL sites and may cause a
      ## partial content warning, so this is recommended.
      #proxy_markdown_images: true

      ## Proxy Open Graph thumbnails (default=false).
      ## Open Graph thumbnails may or may not be encrypted and loaded from
      ## servers outside the network. Recommended.
      #proxy_opengraph_thumbnails: true

      ## Proxy remote pod's images (default=false).
      ## Profile pictures and photos from other pods usually are encrypted,
      ## so enabling this is only useful if you want to avoid HTTP requests to
      ## third-party servers. This will create a lot of traffic on your camo
      ## instance. You have been warned.
      #proxy_remote_pod_images: true

      ## Root of your Camo installation
      #root: "https://example.com/camo/"

      ## Shared key of your Camo installation
      #key: "example123example456example!"

  ## General settings
  settings: ## Section

    ## Pod name (default="diaspora*")
    ## The pod name displayed in various locations, including the header.
    #pod_name: "diaspora*"

    ## Allow registrations (default=true)
    ## Set this to false to prevent people from signing up to your pod
    ## without an invitation. Note that this needs to be set to true
    ## (or commented out) to enable the first registration (you).
    #enable_registrations: true

    ## Auto-follow on sign-up (default=true)
    ## Users will automatically follow a specified account on creation.
    ## Set this to false if you don't want your users to automatically
    ## follow an account upon creation.
    #autofollow_on_join: true

    ## Auto-follow account (default='diasporahq@joindiaspora.com')
    ## The diaspora* HQ account keeps users up to date with news about Diaspora.
    ## If you set another auto-follow account (for example your podmin account),
    ## please consider resharing diaspora* HQ's posts for your pod's users!
    #autofollow_on_join_user: 'diasporahq@joindiaspora.com'

    ## Invitation settings
    invitations: ## Section

      ## Enable invitations (default=true)
      ## Set this to false if you don't want users to be able to send invites.
      #open: true

      ## Number of invitations per invite link (default=25)
      ## Every user will see such a link if you have enabled
      ## invitations on your pod.
      #count: 25

    ## Paypal donations (disabled by default)
    ## You can set details for a Paypal button here to allow donations
    ## towards running the pod.
    ## First, enable the function, then set the currency in which you
    ## wish to receive donations, and **either** a hosted button id
    ## **or** an encrypted key for an unhosted button.
    paypal_donations: ## Section
      #enable: false
    
      ## Currency used (USD, EUR...)
      #currency: USD
    
      ## hosted Paypal button id
      #paypal_hosted_button_id: "change_me"
      ## OR encrypted key of unhosted button
      #paypal_unhosted_button_encrypted: "-----BEGIN PKCS7-----" 

    ## Bitcoin donations
    ## You can provide a bitcoin address here to allow your users to provide
    ## donations towards the running of their pod.
    #bitcoin_address: "change_me"

    ## Community spotlight (disabled by default)
    ## The community spotlight shows new users public posts from people you
    ## think are interesting in Diaspora's community. To add an account
    ## to the community spotlight add the 'spotlight' role to it.
    community_spotlight: ## Section

      #enable: true

      ## E-mail address to which users can make suggestions about who
      ## should be in the community spotlight (optional).
      #suggest_email: 'admin@example.org'

    ## CURL debug (default=false)
    ## Turn on extra verbose output when sending stuff. Note: you
    ## don't need to touch this unless explicitly told to.
    #typhoeus_verbose: false

    ## Maximum number of parallel HTTP requests made to other pods (default=20)
    ## Be careful, raising this setting will heavily increase the memory usage
    ## of your Sidekiq workers.
    #typhoeus_concurrency: 20

    ## Captcha settings
    captcha: ## Section

      ## Enable captcha (default=true)
      ## Set this to false if you don't want to use captcha for signup process.
      #enable: true

      ## Captcha image size (default='120x20')
      #image_size: '120x20'

      ## Length of captcha text (default=5)(max=12)
      #captcha_length: 5

      ## Captcha image style (default='simply_green')
      ## Available options for captcha image styles are: 'simply_blue',
      ## 'simply_red' 'simply_green', 'charcoal_grey', 'embossed_silver',
      ## 'all_black', 'distorted_black', 'almost_invisible', 'random'.
      #image_style: 'simply_green'

      ## Captcha image distortion (default='low')
      ## Sets the level of image distortion used in the captcha.
      ## Available options are: 'low', 'medium', 'high', 'random'.
      #distortion: 'low'

    ## Terms of Service
    ## Show a default or customized terms of service for users.
    ## You can create a custom Terms of Service by placing a template
    ## as app/views/terms/terms.haml or app/views/terms/terms.erb
    ## The default terms of service that can be extended is
    ## at app/views/terms/default.haml
    ## NOTE! The default terms have not been checked over by a lawyer and
    ## thus are unlikely to provide full legal protection for all situations
    ## for a podmin using them. They are also not specific to all countries
    ## and jurisdictions. If you are unsure, please check with a lawyer.
    ## We provide these for podmins as some basic rules that podmins
    ## can communicate to users easily via the diaspora* server software.
    ## Uncomment to enable this feature.
    terms: ## Section

      ## First enable it by uncommenting below.
      #enable: true

      ## Important! If you enable the terms, you should always
      ## set a location under which laws any disputes are governed
      ## under. For example, country or state/country, depending
      ## on the country in question.
      ## If this is not set, the whole paragraph about governing
      ## laws *is not shown* in the terms page.
      #jurisdiction: ""

      ## Age limit for signups.
      ## Set a number to activate this setting. This age limit is shown
      ## in the default ToS document.
      #minimum_age: false

    ## Maintenance
    ## Various pod maintenance related settings are controlled from here.
    maintenance: ## Section

      ## Removing old inactive users can be done automatically by background
      ## processing. The amount of inactivity is set by `after_days`. A warning
      ## email will be sent to the user and after an additional `warn_days`, the
      ## account will be automatically closed.
      ## This maintenance is not enabled by default.
      remove_old_users: ## Section

        #enable: true
        #after_days: 730
        #warn_days: 30

        ## Limit queuing for removal per day.
        #limit_removals_to_per_day: 100

    ## Source code URL
    ## URL to the source code your pod is currently running.
    ## If not set your pod will provide a downloadable archive.
    #source_url: 'https://example.org/username/diaspora'

  ## Posting from Diaspora to external services (all are disabled by default).
  services: ## Section

    ## OAuth credentials for Facebook
    facebook: ## Section

      #enable: true
      #app_id: 'abcdef'
      #secret: 'change_me'

    ## OAuth credentials for Twitter
    twitter: ## Section

      #enable: true
      #key: 'abcdef'
      #secret: 'change_me'

    ## OAuth credentials for Tumblr
    tumblr: ## Section

      #enable: true
      #key: 'abcdef'
      #secret: 'change_me'

    ## OAuth credentials for Wordpress
    wordpress: ## Section

      #enable: true
      #client_id: 'abcdef'
      #secret: 'change_me'

  ## Allow your pod to send emails for notifications, password recovery
  ## and other purposes (disabled by default).
  mail: ## Section

    ## First you need to enable it.
    #enable: true

    ## Sender address used in mail sent by Diaspora.
    #sender_address: 'no-reply@example.org'

    ## This selects which mailer should be used. Use 'smtp' for a smtp
    ## connection, 'sendmail' to use the sendmail binary or
    ## 'messagebus' to use the messagebus service.
    #method: 'smtp'

    ## Ignore if method isn't 'smtp'.
    smtp: ## Section

      ## Host and port of the smtp server handling outgoing mail.
      ## This should match the common name of the certificate sent by
      ## the SMTP server, if it sends one. (default port=587)
      #host: 'smtp.example.org'
      #port: 587

      ## Authentication required to send mail (default='plain').
      ## Use one of 'plain', 'login' or 'cram_md5'. Use 'none'
      ## if server does not support authentication.
      #authentication: 'plain'

      ## Credentials to log in to the SMTP server.
      ## May be necessary if authentication is not 'none'.
      #username: 'change_me'
      #password: 'change_me'

      ## Automatically enable TLS (default=true).
      ## Leave this commented out if authentication is set to 'none'.
      #starttls_auto: true

      ## The domain for the HELO command, if needed.
      #domain: 'smtp.example.org'

      ## OpenSSL verify mode used when connecting to a SMTP server with TLS.
      ## Set this to 'none' if you have a self-signed certificate. Possible
      ## values: 'none', 'peer', 'client_once', 'fail_if_no_peer_cert'.
      #openssl_verify_mode: 'none'

    ## Ignore if method isn't 'sendmail'
    sendmail: ## Section

      ## The path to the sendmail binary (default='/usr/sbin/sendmail')
      #location: '/usr/sbin/sendmail'

      ## Use exim and sendmail (default=false)
      #exim_fix: false

    ## Ignore if method isn't 'messagebus'
    #message_bus_api_key: 'abcdef'

  ## Administrator settings
  admins: ## Section

    ## Set the admin account.
    ## This doesn't make the user an admin but is used when a generic
    ## admin contact is needed, much like the postmaster role in mail
    ## systems. Set only the username, NOT the full ID.
    #account: "podmaster"

    ## E-mail address to contact the administrator.
    #podmin_email: 'podmin@example.org'

## Here you can override settings defined above if you need
## to have them different in different environments.
production: ## Section
  environment: ## Section
    #redis_url: 'redis://production.example.org:6379'

development: ## Section
  environment: ## Section
    #redis_url: 'redis://production.example.org:6379'