{ /* ./\/\.' ENiGMA½ System Configuration -/--/-------- - -- - _____________________ _____ ____________________ __________\_ / \__ ____/\_ ____ \ /____/ / _____ __ \ / ______/ // /___jp! // __|___// | \// |// | \// | | \// \ /___ /_____ /____ _____| __________ ___|__| ____| \ / _____ \ ---- \______\ -- |______\ ------ /______/ ---- |______\ - |______\ /__/ // ___/ /__ _\ <*> ENiGMA½ // HTTPS://GITHUB.COM/NUSKOOLER/ENIGMA-BBS <*> /__/ *-----------------------------------------------------------------------------* Generated by ENiGMA½ v%ENIG_VERSION% / hjson v%HJSON_VERSION% *-----------------------------------------------------------------------------* ------------------------------- -- - - General Information ------------------------------- - - This configuration is in HJSON (http://hjson.org/) format. Strict to-spec JSON is also perfectly valid. Use 'hjson' from npm to convert to/from JSON. See http://hjson.org/ for more information and syntax. Various editors and IDEs such as Sublime Text 3, Visual Studio Code, and so on have syntax highlighting for the HJSON format which are highly recommended. ------------------------------- -- - - Configuration ------------------------------- - - ENiGMA½ is *highly* configurable, and thus can be overwhelming at first! By default, this file contains common configuration elements, examples, etc. To see a more complete view of settings available to the system, don't be afraid to open up core/config.js and look around. Do not make changes there however! All system configuration can be extended and defaults overridden via this file! Please see RTFM ...er, uh... see the documentation for more information, and don't be shy to ask for help: BBS : Xibalba @ xibalba.l33t.codes FTN : BBS Discussion on fsxNet IRC : #enigma-bbs / FreeNode Email : bryan@l33t.codes */ general: { // Your BBS Name! boardName: XXXXX } paths: { // // Other paths can also be configured as well, // but generally unnecessary // logs: XXXXX } logging: { // // Each block here represents a Bunyan style config. // See https://github.com/trentm/node-bunyan#streams // // Remember you can pipe logs through Bunyan to pretty-print: // Linux : tail -F ./logs/enigma-bbs.log | bunyan // PowerShell : Get-Content .\enigma-bbs.log -Tail 15 | bunyan.cmd // // (npm install -g bunyan to get the binary) // // We default to a rotating-file stream: // https://github.com/trentm/node-bunyan#stream-type-rotating-file // rotatingFile: { // If you're having trouble, try setting this to "trace" level: XXXXX } } theme: { // Default theme applied to new users. "*" indicates random. default: XXXXX // Theme applied before a user has logged in. "*" indicates random. preLogin: XXXXX // // dateFormat, timeFormat, and dateTimeFormat blocks configure // moment.js (https://momentjs.com/docs/#/displaying/) style formats // for dates and times. Short and long versions are available. // Note that themes may override these settings. // } // // Login servers represent available servers (or protocols) in which // users are permitted to access your system. // loginServers: { // Remember kids, Telnet is insecure! telnet: { // It's best to use non-privileged ports and NAT/foward to them port: XXXXX } // ...but SSH *is* secure! ssh: { port: XXXXX // // To enable SSH, perform the following steps: // // 1 - Generate a Private Key (PK): // Currently ENiGMA 1/2 requires a PKCS#1 PEM formatted PK. // To generate a secure PK, issue the following command: // // > openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \ // -pkeyopt rsa_keygen_pubexp:65537 | openssl rsa \ // -out ./config/security/ssh_private_key.pem -aes128 // // (The above is a more modern equivelant of the following): // > openssl genrsa -aes128 -out ./config/security/ssh_private_key.pem 2048 // // 2 - Set 'privateKeyPass' to the password you used in step #1 // // 3 - Finally, set 'enabled' to 'true' // // Additional reading: // - https://blog.sleeplessbeastie.eu/2017/12/28/how-to-generate-private-key/ // - https://gist.github.com/briansmith/2ee42439923d8e65a266994d0f70180b // enabled: XXXXX // set this to your PK's password, generated in step #1 above privateKeyPass: SuperSecretPasswordChangeMe! // // It's possible to lock down various algorithms available to // SSH, but be aware this may limit the clients that can connect! // algorithms: {} } webSocket: { // // Setting "proxied" to true allows non-secure (ws://) WebSockets // to be considered secure when the X-Fowarded-Proto HTTP header // is set to "https". This is helpful when ENiGMA is running behind // another web server doing SSL/TLS termination. // proxied: false // Non-secure WebSockets, or ws:// ws: { port: XXXXX } // Secure WebSockets, or wss:// wss: { port: XXXXX enabled: XXXXX // // Certificate and Key in PEM format. // Note that web browsers will not trust self-signed certs. Look // into Let's Encrypt and perhaps running ENiGMA behind another // web server such as Caddy. // certPem: XXXXX keyPem: XXXXX } } } // // Content Servers expose content from the system // contentServers: { // // The Web Content Server can expose content over HTTP (http://) and // HTTPS (https://) for (but not limited to) the following purposes: // * Static content // * Web downloads from the file base // * Password reset forms (sent to users in PW reset emails; see // "email" block below) // web: { // Set to your public FQDN domain: another-fine-enigma-bbs.org // Standard issue "www" folder. Place static content here staticRoot: XXXXX // // This block configures password reset emails. Template files // support the following variables: // * %BOARDNAME% : Name of BBS // * %USERNAME% : Username of whom to reset password // * %TOKEN% : Reset token // * %RESET_URL% : In case of email, the link to follow // for reset. In case of landing page, URL to POST submit reset form. // resetPassword: { } http: { port: XXXXX } https: { port: XXXXX enabled: XXXXX // // Note that web browsers will not trust self-signed certs. Look // into Let's Encrypt and perhaps running ENiGMA behind another // web server such as Caddy. // } } // Ladies and gentlemen, a Gopher server! gopher: { port: XXXXX enabled: false // bannerFile path in misc/ by default. Full paths allowed. bannerFile: XXXXX // // The Gopher Content Server can export message base // conferences and areas via the "messageConferences" key. // // Example: // messageConferences: { // some_conf: [ "area_tag1", "area_tag2" ] // } // } // You may also wish to enable NNTP services nntp: { // // Set publicMessageConferences{} to configure // publicly exposed conferences & areas. // // Example: // publicMessageConferences: { // some_conf: [ "area_tag1", "area_tag2" ] // } // publicMessageConferences: {} // non-secure nntp: { enabled: false port: XXXXX } // secure (TLS) nntps: { enabled: false port: XXXXX // // You will need a SSL/TLS certificate and key // certPem: XXXXX keyPem: XXXXX } } } // // Currently, ENiGMA½ can use external email to mail // users for password resets. Additional functionality will // be added in the future. // email: { // // Set the following keys to configure: // * "defaultFrom" to the reply address // * "transport" to a configuration block that meets the // requirements of Nodemailer (https://nodemailer.com/) // // Example: // transport: { // service: Zoho // auth: { // user: myuser@myhost.com // pass: supersecretpassword // } // } // } // Message conferences and areas are within this block messageConferences: { // An entry here prepresents a conference taka aka confTag another_sample_conf: { name: "Another Sample Conference" desc: "Another conf sample. Change me!" areas: { // Similar to confTags, this is a areaTag another_sample_area: { name: "Another Sample Area" desc: "Another area example. Change me!" // The 'sort' key can override natural sort order and can live at the conference and area levels sort: 2 } } } } // Configuration block for scanner/tosser modules scannerTossers: { // The most popular being FTN/BSO style networks ftn_bso: { // // When you're ready to hook up to FTN networks, please // see the documentation on message networks. // } } // // ENiGMA½ comes with a very powerful File Base, but may be a bit strange // until you get used to it. Please see the documentation! // fileBase: { // // Storage tags with relative paths (that is, paths that do not start // with a "/") are relative to the following path: // areaStoragePrefix: XXXXX // // Storage tags create a tag -> directory (relative or full path) // that can be used in areas. // storageTags: { // // Example storage tag: "super_l33t_warez": // super_l33t_warez: "/path/to/super/l33t/warez" // } areas: { // // Example area with the areaTag of "an_example_area": // an_example_area: { // name: "Example File Area" // desc: "It's just an example, yo!" // storageTags: [ // "super_l33t_warez" // ] // } // // File Base Areas are read-only (ie: download only) by default. // To make a uploadable area, set ACS as you like. For example, // to allow all users to upload to an area: // // an_example_area: { // // ... // acs: { // write: GM[users] // } // } } } // General user configuration users: { // // ENiGMA½ utilizes user groups similar to Windows and *nix. Built in groups // include "users" (for regular users) and "sysops" for +ops. You can add other // groups to the system as well by adding a 'groups' key in this section: // groups: [ // "leet", "lamerz" // ] // // // Set default group(s) new users should automatically be assigned to: // defaultGroups : [ // "lamerz" // ] // // Should new users require +op activation? requireActivation: false, // How long pre-authenticated users (have not logged in) can idle preAuthIdleLogoutSeconds: XXXXX // How long authenticated users (logged in) can idle idleLogoutSeconds: XXXXX // Usernames reserved for applying to your system newUserNames: [] // Handling of failed logins failedLogin : { // disconnect after N failed attempts. 0=disabled. disconnect : XXXXX // Lock the user out after N failed attempts. 0=disabled. lockAccount : XXXXX // // If locked out, how long until the user can login again? // Set to 0 to disable auto-unlock // autoUnlockMinutes : XXXXX }, // Allow email driven password resets to unlock accounts? unlockAtEmailPwReset : XXXXX } // Archive files and related archives: { archivers: { // // Each key in the "archivers" configuration block represents a specific // external archive utility. ENiGMA½ has sane configuration by default // for many archivers, but the tools themselves are likely not yet installed // on your system! // // You'll want to have archivers configured for the many old-school archive // formats that a BBS may encounter! Please consult the documentation on // information as to where to find and install these utilities! // } } fileTransferProtocols: { // // Each key in the "fileTransferProtocols" configuration block defines // an external file transfer utility for legacy protocols such as // X, Y, and Z-Modem. // // You will want to ensure your system has these external utilities // installed and/or define new or additional protocols. Please // see the documentation for more information! // } // // Use the Event Scheduler to set up arbitrary scheduled events // using Later style syntax and/or @watch files. // See docs/event-scheduler.md for more information. // eventScheduler: { events: { // Example: // // sampleEvent: { // schedule: every 2 hours // action: @execute:/path/to/some/script.sh // args: [ // "--foo", "--bar" // ] // } } } statLog: { systemEvents: { // Max login history event records kept. -1 = unlimited loginHistoryMax: -1 } } }