1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
[default]
# identifier used in http response headers
ident = "minor skulk"
# limit to request parameter size. must be at least 32KiB.
limits.string = "32 KiB"
# limit to binary data size. avatars are sent as binary data,
# so this setting also limits the maximum permissible avatar
# size.
limits.bytes = "128 KiB"
# connection string for the database (mandatory)
#
# current only postgresql is supported, with libpq connection strings.
#
#database_url = "postgresql:///minorskulk"
# base location of the server (mandatory)
#
# this is the base url of the server, e.g. `https://my.domain` if you are running
# at the root of a domain or `https://my.domain/minorskulk` if you are running
# behind a reverse proxy that changes the root path.
# NOTE: if this is set incorrectly, *nothing will work*. the url is used as part
# of a request signing scheme, so setting this incorrectly will break all requests
# that use this signing scheme (which includes the login process).
#
#location = "https://my.domain"
# base location of the synstorage token server (mandatory)
#
# this is the base url of your syncstorage token server, i.e. a syncstorage-rs
# instance. the token server must also be configured to use this instance to
# verify client tokens by setting `tokenserver.fxa_email_domain` to some local
# value and `tokenserver.fxa_oauth_server_url` to `<location>/oauth/v1`.
#
# this url will only be rendered into the client autoconfig descriptor. setting
# an incorrect url here will not impact the function of minor skulk, but it will
# require setting not just the account server url in firefox but the token server
# url as well.
#
#token_server_location = "https://synstorage.my.domain"
# vapid key for push notifications (mandatory)
#
# this must be set to the path to a valid EC key, generated for example with
#
# openssl ecparam -genkey -name prime256v1 -out private_key.pem
#
# not setting this key will cause all push notifications to fail, including tab
# sending between devices on one account.
#
#vapid_key = "/etc/secrets/minor-skulk-push-key.pem"
# vapid subject identifier (mandatory)
#
# must be set to a mailto: address or a web url. mozilla ostensibly uses this
# information to contact you if weird things happen, and will reject pushes
# from server that do not provide this datum.
#vapid_subject = "mailto:minorskulk@my.domain"
# default push notification TTL (optional)
#
# default lifetime of push notifications sent through the mozilla webpush service.
# notifications that cannot be delivered within this time frame will be dropped.
#
#default_push_ttl = "2 days"
# expired token prune interval (optional)
#
# pruning interval for:
# - expired key fetch token
# - expired oauth tokens
# - expired oauth authorization code
# - expired device commands
# - expired invite codes
#
#prune_expired_interval = "5 minutes"
# mail-from address (mandatory)
#
# all emails sent by minor skulk will be sent from this address.
#
#mail_from = "minor skulk <noreply@my.domain>"
# mail host (optional)
#
# mail host to use when sending emails.
#
#mail_host = "localhost"
# mail port (optional)
#
# port to use when connecting to `mail_host`.
#
#mail_port = 25
# mail starttls support (optional)
#
# whether or not to use starttls for mail connections.
#
#mail_starttls = false
# invite only mode (optional)
#
# if set this instance will run in invite-only mode, disabling public
# registrations and requiring a single-use invite link to create a new
# account instead. invite links can be generated by the invite admin
# using the special (hidden) `#/generate-invite` fragment identifier
# on their account settings page.
#
#invite_only = false
# invite admin (optional)
#
# email address of the user capable of creating invite links. if no user
# is registered with the configured email address during startup a new
# invite code will be generated (valid for one hour) and written to the
# log. this check is done on every startup, so not setting this value will
# produce a new invite code every time minor skulk starts.
#
#invite_admin_address = "admin@my.domain"
|
