fix bootstrap5 cspheader settings, add php http response to conf, add required model config header
This commit is contained in:
parent
8fc63b27f5
commit
1659b6a9c7
119
conf.php.tmpl
119
conf.php.tmpl
@ -1,7 +1,12 @@
|
||||
[main]
|
||||
name = "PrivateBin"
|
||||
;<?php http_response_code(403); /*
|
||||
; config file for PrivateBin
|
||||
;
|
||||
; An explanation of each setting can be find online at https://github.com/PrivateBin/PrivateBin/wiki/Configuration.
|
||||
|
||||
basepath = "{{ env "DOMAIN" }}"
|
||||
[main]
|
||||
name = "{{ env "PB_INSTANCE_NAME" }}"
|
||||
|
||||
basepath = "https://{{ env "DOMAIN" }}/"
|
||||
|
||||
discussion = {{ env "PB_DISCUSSIONS_ENABLE" }}
|
||||
|
||||
@ -37,7 +42,11 @@ email = {{ env "PB_EMAIL_ENABLE" }}
|
||||
|
||||
icon = "none"
|
||||
|
||||
{{ if eq (env "PB_THEME") "bootstrap5" }}
|
||||
cspheader = "default-src 'self'; base-uri 'self'; form-action 'none'; manifest-src 'self'; connect-src * blob:; script-src 'self' 'wasm-unsafe-eval'; style-src 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads"
|
||||
{{ else }}
|
||||
cspheader = "default-src 'none'; base-uri 'self'; form-action 'none'; manifest-src 'self'; connect-src * blob:; script-src 'self' 'wasm-unsafe-eval'; style-src 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads"
|
||||
{{ end }}
|
||||
|
||||
zerobincompatibility = false
|
||||
|
||||
@ -67,4 +76,106 @@ header = "X_FORWARDED_FOR"
|
||||
|
||||
[purge]
|
||||
limit = 300
|
||||
batchsize = 10
|
||||
batchsize = 10
|
||||
|
||||
[model]
|
||||
; name of data model class to load and directory for storage
|
||||
; the default model "Filesystem" stores everything in the filesystem
|
||||
class = Filesystem
|
||||
[model_options]
|
||||
dir = PATH "data"
|
||||
|
||||
;[model]
|
||||
; example of a Google Cloud Storage configuration
|
||||
;class = GoogleCloudStorage
|
||||
;[model_options]
|
||||
;bucket = "my-private-bin"
|
||||
;prefix = "pastes"
|
||||
;uniformacl = false
|
||||
|
||||
;[model]
|
||||
; example of DB configuration for MySQL
|
||||
;class = Database
|
||||
;[model_options]
|
||||
;dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8"
|
||||
;tbl = "privatebin_" ; table prefix
|
||||
;usr = "privatebin"
|
||||
;pwd = "Z3r0P4ss"
|
||||
;opt[12] = true ; PDO::ATTR_PERSISTENT
|
||||
|
||||
;[model]
|
||||
; example of DB configuration for SQLite
|
||||
;class = Database
|
||||
;[model_options]
|
||||
;dsn = "sqlite:" PATH "data/db.sq3"
|
||||
;usr = null
|
||||
;pwd = null
|
||||
;opt[12] = true ; PDO::ATTR_PERSISTENT
|
||||
|
||||
;[model]
|
||||
; example of DB configuration for PostgreSQL
|
||||
;class = Database
|
||||
;[model_options]
|
||||
;dsn = "pgsql:host=localhost;dbname=privatebin"
|
||||
;tbl = "privatebin_" ; table prefix
|
||||
;usr = "privatebin"
|
||||
;pwd = "Z3r0P4ss"
|
||||
;opt[12] = true ; PDO::ATTR_PERSISTENT
|
||||
|
||||
;[model]
|
||||
; example of S3 configuration for Rados gateway / CEPH
|
||||
;class = S3Storage
|
||||
;[model_options]
|
||||
;region = ""
|
||||
;version = "2006-03-01"
|
||||
;endpoint = "https://s3.my-ceph.invalid"
|
||||
;use_path_style_endpoint = true
|
||||
;bucket = "my-bucket"
|
||||
;accesskey = "my-rados-user"
|
||||
;secretkey = "my-rados-pass"
|
||||
|
||||
;[model]
|
||||
; example of S3 configuration for AWS
|
||||
;class = S3Storage
|
||||
;[model_options]
|
||||
;region = "eu-central-1"
|
||||
;version = "latest"
|
||||
;bucket = "my-bucket"
|
||||
;accesskey = "access key id"
|
||||
;secretkey = "secret access key"
|
||||
|
||||
;[model]
|
||||
; example of S3 configuration for AWS using its SDK default credential provider chain
|
||||
; if relying on environment variables, the AWS SDK will look for the following:
|
||||
; - AWS_ACCESS_KEY_ID
|
||||
; - AWS_SECRET_ACCESS_KEY
|
||||
; - AWS_SESSION_TOKEN (if needed)
|
||||
; for more details, see https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials.html#default-credential-chain
|
||||
;class = S3Storage
|
||||
;[model_options]
|
||||
;region = "eu-central-1"
|
||||
;version = "latest"
|
||||
;bucket = "my-bucket"
|
||||
|
||||
;[yourls]
|
||||
; When using YOURLS as a "urlshortener" config item:
|
||||
; - By default, "urlshortener" will point to the YOURLS API URL, with or without
|
||||
; credentials, and will be visible in public on the PrivateBin web page.
|
||||
; Only use this if you allow short URL creation without credentials.
|
||||
; - Alternatively, using the parameters in this section ("signature" and
|
||||
; "apiurl"), "urlshortener" needs to point to the base URL of your PrivateBin
|
||||
; instance with "?shortenviayourls&link=" appended. For example:
|
||||
; urlshortener = "${basepath}?shortenviayourls&link="
|
||||
; This URL will in turn call YOURLS on the server side, using the URL from
|
||||
; "apiurl" and the "access signature" from the "signature" parameters below.
|
||||
|
||||
; (optional) the "signature" (access key) issued by YOURLS for the using account
|
||||
; signature = ""
|
||||
; (optional) the URL of the YOURLS API, called to shorten a PrivateBin URL
|
||||
; apiurl = "https://yourls.example.com/yourls-api.php"
|
||||
|
||||
;[sri]
|
||||
; Subresource integrity (SRI) hashes used in template files. Uncomment and set
|
||||
; these for all js files used. See:
|
||||
; https://github.com/PrivateBin/PrivateBin/wiki/FAQ#user-content-how-to-make-privatebin-work-when-i-have-changed-some-javascript-files
|
||||
;js/privatebin.js = "sha512-[…]"
|
||||
Loading…
x
Reference in New Issue
Block a user