-
Notifications
You must be signed in to change notification settings - Fork 4
/
isso.conf
199 lines (154 loc) · 6.7 KB
/
isso.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
# Isso configuration file
# vim: set filetype=ini
[general]
# file location to the SQLite3 database, highly recommended to change this
# location to a non-temporary location!
dbpath = ./comments.db
# required to dispatch multiple websites, not used otherwise.
name =
# Your website(s). If Isso is unable to connect to at least one site, you'll
# get a warning during startup and comments are most likely non-functional.
#
# You'll need at least one host/website to run Isso. This is due to security
# reasons: Isso uses CORS_ to embed comments and to restrict comments only to
# your website, you have to "whitelist" your website(s).
#
# I recommend the first value to be a non-SSL website that is used as fallback
# if Firefox users (and only those) supress their HTTP referer completely:
#
# NEED_TO_CHANGE
host =
http://localhost:1313
# time range that allows users to edit/remove their own comments.
# It supports hours, minutes, seconds.
# Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
# 3h45m12s equals to 3 hours, 45 minutes and 12 seconds.
max-age = 15m
# Select notification backend for new comments. Currently, only SMTP is
# available.
# Select notification backend(s) for new comments, separated by comma.
# Available backends:
#
# stdout
# Log to standard output. Default, if none selected.
# smtp
# Send notifications via SMTP on new comments with activation (if
# moderated) and deletion links.
notify = stdout
# Allow users to request E-mail notifications for replies to their post.
# WARNING: It is highly recommended to also turn on moderation when enabling
# this setting, as Isso can otherwise be easily exploited for sending spam.
reply-notifications=false
# Log console messages to file instead of standard output.
log-file =
# adds property "gravatar_image" to json response when true
# will automatically build md5 hash by email and use "gravatar_url" to build
# the url to the gravatar image
gravatar = false
# default url for gravatar. {} is where the hash will be placed
gravatar-url = https://www.gravatar.com/avatar/{}?d=identicon
# enable the "/latest" endpoint, that serves comment for multiple posts (not
# needing to previously know the posts URIs)
latest-enabled = false
[admin]
enabled = false
# Admin access password
password = please_choose_a_strong_password
[moderation]
# enable comment moderation queue. This option only affects new comments.
# Comments in modertion queue are not visible to other users until you activate
# them.
enabled = false
# with moderation enabled, automatically approve new comments by an
# author if they've had comments approved within the last 6 months
# Note: No verification is done on the email addresses entered by commenters.
# This means that if someone is able to guess correctly the email address used
# by a previously approved author, they will be able to have their new comment
# auto-approved. For this reason, we recommend that you also activate SMTP
# notification if you activate this option, so that you will see
# auto-approved comments as they get posted.
approve-if-email-previously-approved = false
# remove unprocessed comments in moderation queue after given time.
purge-after = 30d
[server]
# interface to listen on. Isso supports TCP/IP and unix domain sockets: UNIX
# domain socket listen = unix:///tmp/isso.sock TCP/IP listen =
# http:///localhost:1234/
#
# When gevent is available, it is automatically used for http:// Currently,
# gevent can not handle http requests on unix domain socket (see #295 and #299
# for details). Does not apply for uWSGI.
listen = http://localhost:8080
# public URL that Isso is accessed from by end users. Should always be a
# http:// or https:// absolute address. If left blank, automatic detection is
# attempted.
public-endpoint =
# reload application, when the source code has changed. Useful for development.
# Only works with the internal webserver.
reload = off
# show 10 most time consuming function in Isso after each request. Do not use
# in production.
profile = off
# an optional list of reverse proxies IPs behind which you have deployed
# your Isso web service (e.g. `127.0.0.1`).
# This allow for proper remote address resolution based on a
# `X-Forwarded-For` HTTP header, which is important for the mechanism
# forbiding several comment votes coming from the same subnet.
trusted-proxies =
[smtp]
# Isso can notify you on new comments via SMTP. In the email notification, you
# also can moderate (=activate or delete) comments.
# self-explanatory, optional
username =
# self-explanatory (yes, plain text, create a dedicated account for
# notifications), optional.
password =
# SMTP server
host = localhost
# SMTP port
port = 587
# use a secure connection to the server, possible values: none, starttls or
# ssl. Note, that there is no easy way for Python 2.7 and 3.3 to implement
# certification validation and thus the connection is vulnerable to
# Man-in-the-Middle attacks. You should definitely use a dedicated SMTP account
# for Isso in that case.
security = starttls
# recipient address, e.g. your email address
to =
# sender address, e.g. "Foo Bar" <[email protected]>
from =
# specify a timeout in seconds for blocking operations like the
# connection attempt.
timeout = 10
[guard]
# Enable basic spam protection features, e.g. rate-limit per IP address (/24
# for IPv4, /48 for IPv6).
# enable guard, recommended in production. Not useful for debugging purposes.
enabled = true
# limit to N new comments per minute.
ratelimit = 2
# how many comments directly to the thread (prevent a simple while true; do
# curl ...; done.
direct-reply = 3
# allow commenters to reply to their own comments when they could still edit
# the comment. After the editing timeframe is gone, commenters can reply to
# their own comments anyways. Do not forget to configure the client.
reply-to-self = false
# force commenters to enter a value into the author field. No validation is
# performed on the provided value. Do not forget to configure the client
# accordingly.
require-author = false
# require the commenter to enter an email address (note: no validation is
# done on the provided address). Do not forget to configure the client.
require-email = false
[markup]
# Customize markup and sanitized HTML. Currently, only Markdown (via Goldmark) is
# supported, but new languages are relatively easy to add.
# Additional HTML tags to allow in the generated output, comma-separated. By
# default, only a, blockquote, br, code, del, em, h1, h2, h3, h4, h5, h6, hr,
# ins, li, ol, p, pre, strong, table, tbody, td, th, thead and ul are allowed.
allowed-elements =
# Additional HTML attributes (independent from elements) to allow in the
# generated output, comma-separated. By default, only align and href are
# allowed.
allowed-attributes =