1fd4deb76d
After the 2.2.4 release we upgraded to a development commit between 2.2.4 and the future (at that time non existant) 2.2.5 release to fix integration between meetpad and etherpad. Now there is a proper 2.2.5 and we should update to get off the dev commit. This release fixes a number of bugs, updates dependencies, and adds proper swagger documentation for the API. The "complete" changelog can be seen here: https://github.com/ether/etherpad-lite/blob/v2.2.5/CHANGELOG.md Note that I don't believe the API has changed they are merely documenting it properly using swagger. Our testing should confirm. To expose the new swagger documentation we do add /api-docs/ and /api-docs.json to our proxy exclusion list. We also update our settings.json files to sync with upstream. This pulls in a new `updateServer` key value pair to set the location that should be checked by etherpad to determine if there is a newer version available. I believe this behavior has existing for years they are just now making it a bit more configurable. Unfortunately the way this value is used I think we will do a local file lookup if we set the value to "". I've stuck with the default since this shouldn't be a regression and we can try to disable it later. Change-Id: I73a09a0c79db18887cb1703c84f9aebae6f072eb
726 lines
24 KiB
Django/Jinja
726 lines
24 KiB
Django/Jinja
/*
|
|
* This file must be valid JSON. But comments are allowed
|
|
*
|
|
* Please edit settings.json, not settings.json.template
|
|
*
|
|
* Please note that starting from Etherpad 1.6.0 you can store DB credentials in
|
|
* a separate file (credentials.json).
|
|
*
|
|
*
|
|
* ENVIRONMENT VARIABLE SUBSTITUTION
|
|
* =================================
|
|
*
|
|
* All the configuration values can be read from environment variables using the
|
|
* syntax "${ENV_VAR}" or "${ENV_VAR:default_value}".
|
|
*
|
|
* This is useful, for example, when running in a Docker container.
|
|
*
|
|
* DETAILED RULES:
|
|
* - If the environment variable is set to the string "true" or "false", the
|
|
* value becomes Boolean true or false.
|
|
* - If the environment variable is set to the string "null", the value
|
|
* becomes null.
|
|
* - If the environment variable is set to the string "undefined", the setting
|
|
* is removed entirely, except when used as the member of an array in which
|
|
* case it becomes null.
|
|
* - If the environment variable is set to a string representation of a finite
|
|
* number, the string is converted to that number.
|
|
* - If the environment variable is set to any other string, including the
|
|
* empty string, the value is that string.
|
|
* - If the environment variable is unset and a default value is provided, the
|
|
* value is as if the environment variable was set to the provided default:
|
|
* - "${UNSET_VAR:}" becomes the empty string.
|
|
* - "${UNSET_VAR:foo}" becomes the string "foo".
|
|
* - "${UNSET_VAR:true}" and "${UNSET_VAR:false}" become true and false.
|
|
* - "${UNSET_VAR:null}" becomes null.
|
|
* - "${UNSET_VAR:undefined}" causes the setting to be removed (or be set
|
|
* to null, if used as a member of an array).
|
|
* - If the environment variable is unset and no default value is provided,
|
|
* the value becomes null. THIS BEHAVIOR MAY CHANGE IN A FUTURE VERSION OF
|
|
* ETHERPAD; if you want the default value to be null, you should explicitly
|
|
* specify "null" as the default value.
|
|
*
|
|
* EXAMPLE:
|
|
* "port": "${PORT:9001}"
|
|
* "minify": "${MINIFY}"
|
|
* "skinName": "${SKIN_NAME:colibris}"
|
|
*
|
|
* Would read the configuration values for those items from the environment
|
|
* variables PORT, MINIFY and SKIN_NAME.
|
|
*
|
|
* If PORT and SKIN_NAME variables were not defined, the default values 9001 and
|
|
* "colibris" would be used.
|
|
* The configuration value "minify", on the other hand, does not have a
|
|
* designated default value. Thus, if the environment variable MINIFY were
|
|
* undefined, "minify" would be null.
|
|
*
|
|
* REMARKS:
|
|
* 1) please note that variable substitution always needs to be quoted.
|
|
*
|
|
* "port": 9001, <-- Literal values. When not using
|
|
* "minify": false substitution, only strings must be
|
|
* "skinName": "colibris" quoted. Booleans and numbers must not.
|
|
*
|
|
* "port": "${PORT:9001}" <-- CORRECT: if you want to use a variable
|
|
* "minify": "${MINIFY:true}" substitution, put quotes around its name,
|
|
* "skinName": "${SKIN_NAME}" even if the required value is a number or
|
|
* a boolean.
|
|
* Etherpad will take care of rewriting it
|
|
* to the proper type if necessary.
|
|
*
|
|
* "port": ${PORT:9001} <-- ERROR: this is not valid json. Quotes
|
|
* "minify": ${MINIFY} around variable names are missing.
|
|
* "skinName": ${SKIN_NAME}
|
|
*
|
|
* 2) Beware of undefined variables and default values: nulls and empty strings
|
|
* are different!
|
|
*
|
|
* This is particularly important for user's passwords (see the relevant
|
|
* section):
|
|
*
|
|
* "password": "${PASSW}" // if PASSW is not defined would result in password === null
|
|
* "password": "${PASSW:}" // if PASSW is not defined would result in password === ''
|
|
*
|
|
* If you want to use an empty value (null) as default value for a variable,
|
|
* simply do not set it, without putting any colons: "${ABIWORD}".
|
|
*
|
|
* 3) if you want to use newlines in the default value of a string parameter,
|
|
* use "\n" as usual.
|
|
*
|
|
* "defaultPadText" : "${DEFAULT_PAD_TEXT}Line 1\nLine 2"
|
|
*/
|
|
{
|
|
/*
|
|
* Name your instance!
|
|
*/
|
|
// OpenDev: We template this value.
|
|
"title": "{{ etherpad_title }}",
|
|
|
|
/*
|
|
* Pathname of the favicon you want to use. If null, the skin's favicon is
|
|
* used if one is provided by the skin, otherwise the default Etherpad favicon
|
|
* is used. If this is a relative path it is interpreted as relative to the
|
|
* Etherpad root directory.
|
|
*/
|
|
// OpenDev: We install a favicon file.
|
|
"favicon": "favicon.ico",
|
|
|
|
/*
|
|
* Skin name.
|
|
*
|
|
* Its value has to be an existing directory under src/static/skins.
|
|
* You can write your own, or use one of the included ones:
|
|
*
|
|
* - "no-skin": an empty skin (default). This yields the unmodified,
|
|
* traditional Etherpad theme.
|
|
* - "colibris": the new experimental skin (since Etherpad 1.8), candidate to
|
|
* become the default in Etherpad 2.0
|
|
*/
|
|
// OpenDev: Use no-skin as our skin.
|
|
"skinName": "no-skin",
|
|
|
|
/*
|
|
* Skin Variants
|
|
*
|
|
* Use the UI skin variants builder at /p/test#skinvariantsbuilder
|
|
*
|
|
* For the colibris skin only, you can choose how to render the three main
|
|
* containers:
|
|
* - toolbar (top menu with icons)
|
|
* - editor (containing the text of the pad)
|
|
* - background (area outside of editor, mostly visible when using page style)
|
|
*
|
|
* For each of the 3 containers you can choose 4 color combinations:
|
|
* super-light, light, dark, super-dark.
|
|
*
|
|
* For example, to make the toolbar dark, you will include "dark-toolbar" into
|
|
* skinVariants.
|
|
*
|
|
* You can provide multiple skin variants separated by spaces. Default
|
|
* skinVariant is "super-light-toolbar super-light-editor light-background".
|
|
*
|
|
* For the editor container, you can also make it full width by adding
|
|
* "full-width-editor" variant (by default editor is rendered as a page, with
|
|
* a max-width of 900px).
|
|
*/
|
|
"skinVariants": "super-light-toolbar super-light-editor light-background",
|
|
|
|
/*
|
|
* IP and port which Etherpad should bind at.
|
|
*
|
|
* Binding to a Unix socket is also supported: just use an empty string for
|
|
* the ip, and put the full path to the socket in the port parameter.
|
|
*
|
|
* EXAMPLE USING UNIX SOCKET:
|
|
* "ip": "", // <-- has to be an empty string
|
|
* "port" : "/somepath/etherpad.socket", // <-- path to a Unix socket
|
|
*/
|
|
// OpenDev: We proxy to this, so only listen on the loopback.
|
|
"ip": "127.0.0.1",
|
|
"port": 9001,
|
|
|
|
/*
|
|
* Option to hide/show the settings.json in admin page.
|
|
*
|
|
* Default option is set to true
|
|
*/
|
|
"showSettingsInAdminPage": true,
|
|
|
|
/*
|
|
* Settings for cleanup of pads
|
|
*/
|
|
"cleanup": {
|
|
"enabled": false,
|
|
"keepRevisions": 5
|
|
},
|
|
|
|
/*
|
|
* Node native SSL support
|
|
*
|
|
* This is disabled by default.
|
|
* Make sure to have the minimum and correct file access permissions set so
|
|
* that the Etherpad server can access them
|
|
*/
|
|
|
|
/*
|
|
"ssl" : {
|
|
"key" : "/path-to-your/epl-server.key",
|
|
"cert" : "/path-to-your/epl-server.crt",
|
|
"ca": ["/path-to-your/epl-intermediate-cert1.crt", "/path-to-your/epl-intermediate-cert2.crt"]
|
|
},
|
|
*/
|
|
|
|
/*
|
|
* The type of the database.
|
|
*
|
|
* You can choose between many DB drivers, for example: dirty, postgres,
|
|
* sqlite, mysql.
|
|
*
|
|
* You shouldn't use "dirty" for for anything else than testing or
|
|
* development.
|
|
*
|
|
*
|
|
* Database specific settings are dependent on dbType, and go in dbSettings.
|
|
* Remember that since Etherpad 1.6.0 you can also store this information in
|
|
* credentials.json.
|
|
*
|
|
* For a complete list of the supported drivers, please refer to:
|
|
* https://www.npmjs.com/package/ueberdb2
|
|
*/
|
|
|
|
// OpenDev: Comment this out, and uncomment mysql below instead.
|
|
/*
|
|
"dbType": "dirty",
|
|
"dbSettings": {
|
|
"filename": "var/dirty.db"
|
|
},
|
|
*/
|
|
|
|
/*
|
|
* An Example of MySQL Configuration (commented out).
|
|
*
|
|
* See: https://github.com/ether/etherpad-lite/wiki/How-to-use-Etherpad-Lite-with-MySQL
|
|
*/
|
|
|
|
// OpenDev: Template the user/password, and use our own DB name.
|
|
"dbType" : "mysql",
|
|
"dbSettings" : {
|
|
"user": "{{ etherpad_db_user }}",
|
|
"host": "localhost",
|
|
"port": 3306,
|
|
"password": "{{ etherpad_db_password }}",
|
|
"database": "etherpad-lite",
|
|
"charset": "utf8mb4"
|
|
},
|
|
|
|
/*
|
|
* The default text of a pad
|
|
*/
|
|
// OpenDev: We brand this content with our name.
|
|
"defaultPadText" : "Welcome to OpenDev Etherpad!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!\n\nOpenDev: https://opendev.org\nEtherpad on Github: https://github.com/ether/etherpad-lite\n",
|
|
|
|
/*
|
|
* Default Pad behavior.
|
|
*
|
|
* Change them if you want to override.
|
|
*/
|
|
// OpenDev: Turn on the chat widget by default, and use en-us language.
|
|
"padOptions": {
|
|
"noColors": false,
|
|
"showControls": true,
|
|
"showChat": true,
|
|
"showLineNumbers": true,
|
|
"useMonospaceFont": false,
|
|
"userName": null,
|
|
"userColor": null,
|
|
"rtl": false,
|
|
"alwaysShowChat": true,
|
|
"chatAndUsers": false,
|
|
"lang": "en-us"
|
|
},
|
|
|
|
/*
|
|
* Pad Shortcut Keys
|
|
*/
|
|
"padShortcutEnabled" : {
|
|
"altF9": true, /* focus on the File Menu and/or editbar */
|
|
"altC": true, /* focus on the Chat window */
|
|
"cmdShift2": true, /* shows a gritter popup showing a line author */
|
|
"delete": true,
|
|
"return": true,
|
|
"esc": true, /* in mozilla versions 14-19 avoid reconnecting pad */
|
|
"cmdS": true, /* save a revision */
|
|
"tab": true, /* indent */
|
|
"cmdZ": true, /* undo/redo */
|
|
"cmdY": true, /* redo */
|
|
"cmdI": true, /* italic */
|
|
"cmdB": true, /* bold */
|
|
"cmdU": true, /* underline */
|
|
"cmd5": true, /* strike through */
|
|
"cmdShiftL": true, /* unordered list */
|
|
"cmdShiftN": true, /* ordered list */
|
|
"cmdShift1": true, /* ordered list */
|
|
"cmdShiftC": true, /* clear authorship */
|
|
"cmdH": true, /* backspace */
|
|
"ctrlHome": true, /* scroll to top of pad */
|
|
"pageUp": true,
|
|
"pageDown": true
|
|
},
|
|
|
|
/*
|
|
* Enables the use of a different server. We have a different one that syncs changes from the original server.
|
|
* It is hosted on GitHub and should not be blocked by many firewalls.
|
|
* https://etherpad.org/ep_infos
|
|
*/
|
|
|
|
"updateServer": "https://etherpad.org/ep_infos",
|
|
|
|
/*
|
|
* Should we suppress errors from being visible in the default Pad Text?
|
|
*/
|
|
"suppressErrorsInPadText": false,
|
|
|
|
/*
|
|
* If this option is enabled, a user must have a session to access pads.
|
|
* This effectively allows only group pads to be accessed.
|
|
*/
|
|
"requireSession": false,
|
|
|
|
/*
|
|
* Users may edit pads but not create new ones.
|
|
*
|
|
* Pad creation is only via the API.
|
|
* This applies both to group pads and regular pads.
|
|
*/
|
|
"editOnly": false,
|
|
|
|
/*
|
|
* If true, all css & js will be minified before sending to the client.
|
|
*
|
|
* This will improve the loading performance massively, but makes it difficult
|
|
* to debug the javascript/css
|
|
*/
|
|
"minify": true,
|
|
|
|
/*
|
|
* How long may clients use served javascript code (in seconds)?
|
|
*
|
|
* Not setting this may cause problems during deployment.
|
|
* Set to 0 to disable caching.
|
|
*/
|
|
"maxAge": 21600, // 60 * 60 * 6 = 6 hours
|
|
|
|
/*
|
|
* Absolute path to the Abiword executable.
|
|
*
|
|
* Abiword is needed to get advanced import/export features of pads. Setting
|
|
* it to null disables Abiword and will only allow plain text and HTML
|
|
* import/exports.
|
|
*/
|
|
"abiword": null,
|
|
|
|
/*
|
|
* This is the absolute path to the soffice executable.
|
|
*
|
|
* LibreOffice can be used in lieu of Abiword to export pads.
|
|
* Setting it to null disables LibreOffice exporting.
|
|
*/
|
|
"soffice": null,
|
|
|
|
/*
|
|
* Allow import of file types other than the supported ones:
|
|
* txt, doc, docx, rtf, odt, html & htm
|
|
*/
|
|
"allowUnknownFileEnds": true,
|
|
|
|
/*
|
|
* This setting is used if you require authentication of all users.
|
|
*
|
|
* Note: "/admin" always requires authentication.
|
|
*/
|
|
"requireAuthentication": false,
|
|
|
|
/*
|
|
* Require authorization by a module, or a user with is_admin set, see below.
|
|
*/
|
|
"requireAuthorization": false,
|
|
|
|
/*
|
|
* When you use NGINX or another proxy/load-balancer set this to true.
|
|
*
|
|
* This is especially necessary when the reverse proxy performs SSL
|
|
* termination, otherwise the cookies will not have the "secure" flag.
|
|
*
|
|
* The other effect will be that the logs will contain the real client's IP,
|
|
* instead of the reverse proxy's IP.
|
|
*/
|
|
// OpenDev: We reverse-proxy the service behind an Apache frontend.
|
|
"trustProxy": true,
|
|
|
|
/*
|
|
* Settings controlling the session cookie issued by Etherpad.
|
|
*/
|
|
"cookie": {
|
|
/*
|
|
* How often (in milliseconds) the key used to sign the express_sid cookie
|
|
* should be rotated. Long rotation intervals reduce signature verification
|
|
* overhead (because there are fewer historical keys to check) and database
|
|
* load (fewer historical keys to store, and less frequent queries to
|
|
* get/update the keys). Short rotation intervals are slightly more secure.
|
|
*
|
|
* Multiple Etherpad processes sharing the same database (table) is
|
|
* supported as long as the clock sync error is significantly less than this
|
|
* value.
|
|
*
|
|
* Key rotation can be disabled (not recommended) by setting this to 0 or
|
|
* null, or by disabling session expiration (see sessionLifetime).
|
|
*/
|
|
"keyRotationInterval": 86400000, // = 1d * 24h/d * 60m/h * 60s/m * 1000ms/s
|
|
|
|
/*
|
|
* Value of the SameSite cookie property. "Lax" is recommended unless
|
|
* Etherpad will be embedded in an iframe from another site, in which case
|
|
* this must be set to "None". Note: "None" will not work (the browser will
|
|
* not send the cookie to Etherpad) unless https is used to access Etherpad
|
|
* (either directly or via a reverse proxy with "trustProxy" set to true).
|
|
*
|
|
* "Strict" is not recommended because it has few security benefits but
|
|
* significant usability drawbacks vs. "Lax". See
|
|
* https://stackoverflow.com/q/41841880 for discussion.
|
|
*/
|
|
"sameSite": "Lax",
|
|
|
|
/*
|
|
* How long (in milliseconds) after navigating away from Etherpad before the
|
|
* user is required to log in again. (The express_sid cookie is set to
|
|
* expire at time now + sessionLifetime when first created, and its
|
|
* expiration time is periodically refreshed to a new now + sessionLifetime
|
|
* value.) If requireAuthentication is false then this value does not really
|
|
* matter.
|
|
*
|
|
* The "best" value depends on your users' usage patterns and the amount of
|
|
* convenience you desire. A long lifetime is more convenient (users won't
|
|
* have to log back in as often) but has some drawbacks:
|
|
* - It increases the amount of state kept in the database.
|
|
* - It might weaken security somewhat: The cookie expiration is refreshed
|
|
* indefinitely without consulting authentication or authorization
|
|
* hooks, so once a user has accessed a pad, the user can continue to
|
|
* use the pad until the user leaves for longer than sessionLifetime.
|
|
* - More historical keys (sessionLifetime / keyRotationInterval) must be
|
|
* checked when verifying signatures.
|
|
*
|
|
* Session lifetime can be set to infinity (not recommended) by setting this
|
|
* to null or 0. Note that if the session does not expire, most browsers
|
|
* will delete the cookie when the browser exits, but a session record is
|
|
* kept in the database forever.
|
|
*/
|
|
"sessionLifetime": 864000000, // = 10d * 24h/d * 60m/h * 60s/m * 1000ms/s
|
|
|
|
/*
|
|
* How long (in milliseconds) before the expiration time of an active user's
|
|
* session is refreshed (to now + sessionLifetime). This setting affects the
|
|
* following:
|
|
* - How often a new session expiration time will be written to the
|
|
* database.
|
|
* - How often each user's browser will ping the Etherpad server to
|
|
* refresh the expiration time of the session cookie.
|
|
*
|
|
* High values reduce the load on the database and the load from browsers,
|
|
* but can shorten the effective session lifetime if Etherpad is restarted
|
|
* or the user navigates away.
|
|
*
|
|
* Automatic session refreshes can be disabled (not recommended) by setting
|
|
* this to null.
|
|
*/
|
|
"sessionRefreshInterval": 86400000 // = 1d * 24h/d * 60m/h * 60s/m * 1000ms/s
|
|
},
|
|
|
|
/*
|
|
* Privacy: disable IP logging
|
|
*/
|
|
"disableIPlogging": false,
|
|
|
|
/*
|
|
* Time (in seconds) to automatically reconnect pad when a "Force reconnect"
|
|
* message is shown to user.
|
|
*
|
|
* Set to 0 to disable automatic reconnection.
|
|
*/
|
|
"automaticReconnectionTimeout": 0,
|
|
|
|
/*
|
|
* By default, when caret is moved out of viewport, it scrolls the minimum
|
|
* height needed to make this line visible.
|
|
*/
|
|
"scrollWhenFocusLineIsOutOfViewport": {
|
|
|
|
/*
|
|
* Percentage of viewport height to be additionally scrolled.
|
|
*
|
|
* E.g.: use "percentage.editionAboveViewport": 0.5, to place caret line in
|
|
* the middle of viewport, when user edits a line above of the
|
|
* viewport
|
|
*
|
|
* Set to 0 to disable extra scrolling
|
|
*/
|
|
"percentage": {
|
|
"editionAboveViewport": 0,
|
|
"editionBelowViewport": 0
|
|
},
|
|
|
|
/*
|
|
* Time (in milliseconds) used to animate the scroll transition.
|
|
* Set to 0 to disable animation
|
|
*/
|
|
"duration": 0,
|
|
|
|
/*
|
|
* Flag to control if it should scroll when user places the caret in the
|
|
* last line of the viewport
|
|
*/
|
|
"scrollWhenCaretIsInTheLastLineOfViewport": false,
|
|
|
|
/*
|
|
* Percentage of viewport height to be additionally scrolled when user
|
|
* presses arrow up in the line of the top of the viewport.
|
|
*
|
|
* Set to 0 to let the scroll to be handled as default by Etherpad
|
|
*/
|
|
"percentageToScrollWhenUserPressesArrowUp": 0
|
|
},
|
|
|
|
/*
|
|
* User accounts. These accounts are used by:
|
|
* - default HTTP basic authentication if no plugin handles authentication
|
|
* - some but not all authentication plugins
|
|
* - some but not all authorization plugins
|
|
*
|
|
* User properties:
|
|
* - password: The user's password. Some authentication plugins will ignore
|
|
* this.
|
|
* - is_admin: true gives access to /admin. Defaults to false. If you do not
|
|
* uncomment this, /admin will not be available!
|
|
* - readOnly: If true, this user will not be able to create new pads or
|
|
* modify existing pads. Defaults to false.
|
|
* - canCreate: If this is true and readOnly is false, this user can create
|
|
* new pads. Defaults to true.
|
|
*
|
|
* Authentication and authorization plugins may define additional properties.
|
|
*
|
|
* WARNING: passwords should not be stored in plaintext in this file.
|
|
* If you want to mitigate this, please install ep_hash_auth and
|
|
* follow the section "secure your installation" in README.md
|
|
*/
|
|
|
|
/*
|
|
"users": {
|
|
"admin": {
|
|
// 1) "password" can be replaced with "hash" if you install ep_hash_auth
|
|
// 2) please note that if password is null, the user will not be created
|
|
"password": "changeme1",
|
|
"is_admin": true
|
|
},
|
|
"user": {
|
|
// 1) "password" can be replaced with "hash" if you install ep_hash_auth
|
|
// 2) please note that if password is null, the user will not be created
|
|
"password": "changeme1",
|
|
"is_admin": false
|
|
}
|
|
},
|
|
*/
|
|
|
|
/*
|
|
* Restrict socket.io transport methods
|
|
*/
|
|
// OpenDev: Add websocket for our Jitsi-Meet integration.
|
|
"socketTransportProtocols" : ["websocket", "polling"],
|
|
|
|
"socketIo": {
|
|
/*
|
|
* Maximum permitted client message size (in bytes). All messages from
|
|
* clients that are larger than this will be rejected. Large values make it
|
|
* possible to paste large amounts of text, and plugins may require a larger
|
|
* value to work properly, but increasing the value increases susceptibility
|
|
* to denial of service attacks (malicious clients can exhaust memory).
|
|
*/
|
|
"maxHttpBufferSize": 50000
|
|
},
|
|
|
|
/*
|
|
* Allow Load Testing tools to hit the Etherpad Instance.
|
|
*
|
|
* WARNING: this will disable security on the instance.
|
|
*/
|
|
"loadTest": false,
|
|
|
|
/**
|
|
* Disable dump of objects preventing a clean exit
|
|
*/
|
|
"dumpOnUncleanExit": false,
|
|
|
|
/*
|
|
* Disable indentation on new line when previous line ends with some special
|
|
* chars (':', '[', '(', '{')
|
|
*/
|
|
|
|
/*
|
|
"indentationOnNewLine": false,
|
|
*/
|
|
|
|
/*
|
|
* From Etherpad 1.8.3 onwards, import and export of pads is always rate
|
|
* limited.
|
|
*
|
|
* The default is to allow at most 10 requests per IP in a 90 seconds window.
|
|
* After that the import/export request is rejected.
|
|
*
|
|
* See https://github.com/nfriedly/express-rate-limit for more options
|
|
*/
|
|
"importExportRateLimiting": {
|
|
// duration of the rate limit window (milliseconds)
|
|
"windowMs": 90000,
|
|
|
|
// maximum number of requests per IP to allow during the rate limit window
|
|
"max": 10
|
|
},
|
|
|
|
/*
|
|
* From Etherpad 1.8.3 onwards, the maximum allowed size for a single imported
|
|
* file is always bounded.
|
|
*
|
|
* File size is specified in bytes. Default is 50 MB.
|
|
*/
|
|
"importMaxFileSize": 52428800, // 50 * 1024 * 1024
|
|
|
|
/*
|
|
The authentication method used by the server.
|
|
The default value is sso
|
|
If you want to use the old authentication system, change this to apikey
|
|
*/
|
|
"authenticationMethod": "${AUTHENTICATION_METHOD:sso}",
|
|
|
|
/*
|
|
* From Etherpad 1.8.5 onwards, when Etherpad is in production mode commits from individual users are rate limited
|
|
*
|
|
* The default is to allow at most 10 changes per IP in a 1 second window.
|
|
* After that the change is rejected.
|
|
*
|
|
* See https://github.com/animir/node-rate-limiter-flexible/wiki/Overall-example#websocket-single-connection-prevent-flooding for more options
|
|
*/
|
|
"commitRateLimiting": {
|
|
// duration of the rate limit window (seconds)
|
|
"duration": 1,
|
|
|
|
// maximum number of changes per IP to allow during the rate limit window
|
|
"points": 10
|
|
},
|
|
|
|
/*
|
|
* Toolbar buttons configuration.
|
|
*
|
|
* Uncomment to customize.
|
|
*/
|
|
|
|
/*
|
|
"toolbar": {
|
|
"left": [
|
|
["bold", "italic", "underline", "strikethrough"],
|
|
["orderedlist", "unorderedlist", "indent", "outdent"],
|
|
["undo", "redo"],
|
|
["clearauthorship"]
|
|
],
|
|
"right": [
|
|
["importexport", "timeslider", "savedrevision"],
|
|
["settings", "embed"],
|
|
["showusers"]
|
|
],
|
|
"timeslider": [
|
|
["timeslider_export", "timeslider_returnToPad"]
|
|
]
|
|
},
|
|
*/
|
|
|
|
/*
|
|
* Expose Etherpad version in the web interface and in the Server http header.
|
|
*
|
|
* Do not enable on production machines.
|
|
*/
|
|
"exposeVersion": false,
|
|
|
|
/*
|
|
* The log level we are using.
|
|
*
|
|
* Valid values: DEBUG, INFO, WARN, ERROR
|
|
*/
|
|
"loglevel": "INFO",
|
|
|
|
/*
|
|
* The log layout type to use.
|
|
*
|
|
* Valid values: basic, colored
|
|
*/
|
|
"logLayoutType": "colored",
|
|
|
|
/* Override any strings found in locale directories */
|
|
"customLocaleStrings": {},
|
|
|
|
/* Disable Admin UI tests */
|
|
"enableAdminUITests": false,
|
|
|
|
/*
|
|
* Enable/Disable case-insensitive pad names.
|
|
*/
|
|
"lowerCasePadIds": false,
|
|
|
|
// OpenDev: Set up admin oauth 2.0 credentials
|
|
"sso": {
|
|
"issuer": "${SSO_ISSUER:http://localhost:9001}",
|
|
"clients": [
|
|
{
|
|
"client_id": "api_admin",
|
|
"client_secret": "{{ etherpad_admin_api_secret }}",
|
|
"grant_types": ["client_credentials"],
|
|
"response_types": [],
|
|
"redirect_uris": [],
|
|
"extraParams": [
|
|
{
|
|
"name": "admin",
|
|
"value": "true"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
|
|
/* Set the time to live for the tokens
|
|
This is the time of seconds a user is logged into Etherpad
|
|
"ttl": {
|
|
"AccessToken": 3600,
|
|
"AuthorizationCode": 600,
|
|
"ClientCredentials": 3600,
|
|
"IdToken": 3600,
|
|
"RefreshToken": 86400
|
|
}
|
|
*/
|
|
}
|