enigma-bbs/misc/config_template.in.hjson

502 lines
17 KiB
Plaintext

{
/*
./\/\.' ENiGMA½ System Configuration -/--/-------- - -- -
_____________________ _____ ____________________ __________\_ /
\__ ____/\_ ____ \ /____/ / _____ __ \ / ______/ // /___jp!
// __|___// | \// |// | \// | | \// \ /___ /_____
/____ _____| __________ ___|__| ____| \ / _____ \
---- \______\ -- |______\ ------ /______/ ---- |______\ - |______\ /__/ // ___/
/__ _\
<*> ENiGMA½ // HTTPS://GITHUB.COM/NUSKOOLER/ENIGMA-BBS <*> /__/
*-----------------------------------------------------------------------------*
Generated by ENiGMA½ v%ENIG_VERSION% / hjson v%HJSON_VERSION%
*-----------------------------------------------------------------------------*
------------------------------- -- - -
General Information
------------------------------- - -
This configuration is in HJSON (http://hjson.org/) format. Strict to-spec
JSON is also perfectly valid. Use 'hjson' from npm to convert to/from JSON.
See http://hjson.org/ for more information and syntax.
Various editors and IDEs such as Sublime Text 3, Visual Studio Code, and so
on have syntax highlighting for the HJSON format which are highly recommended.
------------------------------- -- - -
Configuration
------------------------------- - -
ENiGMA½ is *highly* configurable, and thus can be overwhelming at first!
By default, this file contains common configuration elements, examples, etc.
To see a more complete view of settings available to the system, don't be
afraid to open up core/config.js and look around. Do not make changes there
however! All system configuration can be extended and defaults overridden
via this file!
Please see RTFM ...er, uh... see the documentation for more information, and
don't be shy to ask for help:
BBS : Xibalba @ xibalba.l33t.codes
FTN : BBS Discussion on fsxNet
IRC : #enigma-bbs / FreeNode
Email : bryan@l33t.codes
*/
general: {
// Your BBS Name!
boardName: XXXXX
// Your BBS name, with pipe codes for styling
prettyBoardName : '|08XXXXX'
// Telnet hostname and port for your board
telnetHostname : 'xibalba.l33t.codes:44510'
// SSH hostname and port for your board
sshHostname : 'xibalba.l33t.codes:44511'
// Your board's website
website : 'https://enigma-bbs.github.io'
// Short board description
description : 'Yet another awesome ENiGMA½ BBS'
}
paths: {
//
// Other paths can also be configured as well,
// but generally unnecessary
//
logs: XXXXX
}
logging: {
//
// Each block here represents a Bunyan style config.
// See https://github.com/trentm/node-bunyan#streams
//
// Remember you can pipe logs through Bunyan to pretty-print:
// Linux : tail -F ./logs/enigma-bbs.log | bunyan
// PowerShell : Get-Content .\enigma-bbs.log -Tail 15 | bunyan.cmd
//
// (npm install -g bunyan to get the binary)
//
// We default to a rotating-file stream:
// https://github.com/trentm/node-bunyan#stream-type-rotating-file
//
rotatingFile: {
// If you're having trouble, try setting this to "trace"
level: XXXXX
}
}
theme: {
// Default theme applied to new users. "*" indicates random.
default: XXXXX
// Theme applied before a user has logged in. "*" indicates random.
preLogin: XXXXX
//
// dateFormat, timeFormat, and dateTimeFormat blocks configure
// moment.js (https://momentjs.com/docs/#/displaying/) style formats
// for dates and times. Short and long versions are available.
// Note that themes may override these settings.
//
}
//
// Login servers represent available servers (or protocols) in which
// users are permitted to access your system.
//
loginServers: {
// Remember kids, Telnet is insecure!
telnet: {
// It's best to use non-privileged ports and NAT/foward to them
port: XXXXX
}
// ...but SSH *is* secure!
ssh: {
port: XXXXX
//
// To enable SSH, perform the following steps:
//
// 1 - Generate a Private Key (PK):
// Currently ENiGMA 1/2 requires a PKCS#1 PEM formatted PK.
// To generate a secure PK, issue the following command:
//
// > openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
// -pkeyopt rsa_keygen_pubexp:65537 | openssl rsa \
// -out ./config/ssh_private_key.pem -aes128
//
// (The above is a more modern equivelant of the following):
// > openssl genrsa -aes128 -out ./config/ssh_private_key.pem 2048
//
// 2 - Set 'privateKeyPass' to the password you used in step #1
//
// 3 - Finally, set 'enabled' to 'true'
//
// Additional reading:
// - https://blog.sleeplessbeastie.eu/2017/12/28/how-to-generate-private-key/
// - https://gist.github.com/briansmith/2ee42439923d8e65a266994d0f70180b
//
enabled: XXXXX
// set this to your PK's password, generated in step #1 above
privateKeyPass: SuperSecretPasswordChangeMe!
//
// It's possible to lock down various algorithms available to
// SSH, but be aware this may limit the clients that can connect!
//
algorithms: {}
}
webSocket: {
//
// Setting "proxied" to true allows non-secure (ws://) WebSockets
// to be considered secure when the X-Fowarded-Proto HTTP header
// is set to "https". This is helpful when ENiGMA is running behind
// another web server doing SSL/TLS termination.
//
proxied: false
// Non-secure WebSockets, or ws://
ws: {
port: XXXXX
}
// Secure WebSockets, or wss://
wss: {
port: XXXXX
enabled: XXXXX
//
// Certificate and Key in PEM format.
// Note that web browsers will not trust self-signed certs. Look
// into Let's Encrypt and perhaps running ENiGMA behind another
// web server such as Caddy.
//
certPem: XXXXX
keyPem: XXXXX
}
}
}
//
// Content Servers expose content from the system
//
contentServers: {
//
// The Web Content Server can expose content over HTTP (http://) and
// HTTPS (https://) for (but not limited to) the following purposes:
// * Static content
// * Web downloads from the file base
// * Password reset forms (sent to users in PW reset emails; see
// "email" block below)
//
web: {
// Set to your public FQDN
domain: another-fine-enigma-bbs.org
// Standard issue "www" folder. Place static content here
staticRoot: XXXXX
//
// This block configures password reset emails. Template files
// support the following variables:
// * %BOARDNAME% : Name of BBS
// * %USERNAME% : Username of whom to reset password
// * %TOKEN% : Reset token
// * %RESET_URL% : In case of email, the link to follow
// for reset. In case of landing page, URL to POST submit reset form.
//
resetPassword: {
}
http: {
port: XXXXX
}
https: {
port: XXXXX
enabled: XXXXX
//
// Note that web browsers will not trust self-signed certs. Look
// into Let's Encrypt and perhaps running ENiGMA behind another
// web server such as Caddy.
//
}
}
// Ladies and gentlemen, a Gopher server!
gopher: {
port: XXXXX
enabled: false
// bannerFile path in misc/ by default. Full paths allowed.
bannerFile: XXXXX
//
// The Gopher Content Server can export message base
// conferences and areas via the "messageConferences" key.
//
// Example:
// messageConferences: {
// some_conf: [ "area_tag1", "area_tag2" ]
// }
//
}
// You may also wish to enable NNTP services
nntp: {
//
// Set publicMessageConferences{} to configure
// publicly exposed conferences & areas.
//
// Example:
// publicMessageConferences: {
// some_conf: [ "area_tag1", "area_tag2" ]
// }
//
publicMessageConferences: {}
// non-secure
nntp: {
enabled: false
port: XXXXX
}
// secure (TLS)
nntps: {
enabled: false
port: XXXXX
//
// You will need a SSL/TLS certificate and key
//
certPem: XXXXX
keyPem: XXXXX
}
}
}
chatServers: {
// multi relay chat settings. No need to sign up, just enable it.
// More info: https://bbswiki.bottomlessabyss.net/index.php?title=MRC_Chat_platform
mrc: {
enabled : false
serverHostname : 'mrc.bottomlessabyss.net'
serverPort : 5000
}
}
//
// Currently, ENiGMA½ can use external email to mail
// users for password resets. Additional functionality will
// be added in the future.
//
email: {
//
// Set the following keys to configure:
// * "defaultFrom" to the reply address
// * "transport" to a configuration block that meets the
// requirements of Nodemailer (https://nodemailer.com/)
//
// Example:
// transport: {
// service: Zoho
// auth: {
// user: myuser@myhost.com
// pass: supersecretpassword
// }
// }
//
}
// Message conferences and areas are within this block
messageConferences: {
// An entry here prepresents a conference taka aka confTag
another_sample_conf: {
name: "Another Sample Conference"
desc: "Another conf sample. Change me!"
areas: {
// Similar to confTags, this is a areaTag
another_sample_area: {
name: "Another Sample Area"
desc: "Another area example. Change me!"
// The 'sort' key can override natural sort order and can live at the conference and area levels
sort: 2
}
}
}
}
// Configuration block for scanner/tosser modules
scannerTossers: {
// The most popular being FTN/BSO style networks
ftn_bso: {
//
// When you're ready to hook up to FTN networks, please
// see the documentation on message networks.
//
}
}
//
// ENiGMA½ comes with a very powerful File Base, but may be a bit strange
// until you get used to it. Please see the documentation!
//
fileBase: {
//
// Storage tags with relative paths (that is, paths that do not start
// with a "/") are relative to the following path:
//
areaStoragePrefix: XXXXX
//
// Storage tags create a tag -> directory (relative or full path)
// that can be used in areas.
//
storageTags: {
//
// Example storage tag: "super_l33t_warez":
// super_l33t_warez: "/path/to/super/l33t/warez"
//
}
areas: {
//
// Example area with the areaTag of "an_example_area":
// an_example_area: {
// name: "Example File Area"
// desc: "It's just an example, yo!"
// storageTags: [
// "super_l33t_warez"
// ]
// }
//
// File Base Areas are read-only (ie: download only) by default.
// To make a uploadable area, set ACS as you like. For example,
// to allow all users to upload to an area:
//
// an_example_area: {
// // ...
// acs: {
// write: GM[users]
// }
// }
}
}
// General user configuration
users: {
//
// ENiGMA½ utilizes user groups similar to Windows and *nix. Built in groups
// include "users" (for regular users) and "sysops" for +ops. You can add other
// groups to the system as well by adding a 'groups' key in this section:
// groups: [
// "leet", "lamerz"
// ]
//
//
// Set default group(s) new users should automatically be assigned to:
// defaultGroups : [
// "lamerz"
// ]
//
// Should new users require +op activation?
requireActivation: false,
// How long pre-authenticated users (have not logged in) can idle
preAuthIdleLogoutSeconds: XXXXX
// How long authenticated users (logged in) can idle
idleLogoutSeconds: XXXXX
// Usernames reserved for applying to your system
newUserNames: []
// Handling of failed logins
failedLogin : {
// disconnect after N failed attempts. 0=disabled.
disconnect : XXXXX
// Lock the user out after N failed attempts. 0=disabled.
lockAccount : XXXXX
//
// If locked out, how long until the user can login again?
// Set to 0 to disable auto-unlock
//
autoUnlockMinutes : XXXXX
},
// Allow email driven password resets to unlock accounts?
unlockAtEmailPwReset : XXXXX
}
// Archive files and related
archives: {
archivers: {
//
// Each key in the "archivers" configuration block represents a specific
// external archive utility. ENiGMA½ has sane configuration by default
// for many archivers, but the tools themselves are likely not yet installed
// on your system!
//
// You'll want to have archivers configured for the many old-school archive
// formats that a BBS may encounter! Please consult the documentation on
// information as to where to find and install these utilities!
//
}
}
fileTransferProtocols: {
//
// Each key in the "fileTransferProtocols" configuration block defines
// an external file transfer utility for legacy protocols such as
// X, Y, and Z-Modem.
//
// You will want to ensure your system has these external utilities
// installed and/or define new or additional protocols. Please
// see the documentation for more information!
//
}
//
// Use the Event Scheduler to set up arbitrary scheduled events
// using Later style syntax and/or @watch files.
// See docs/event-scheduler.md for more information.
//
eventScheduler: {
events: {
// Example:
//
// sampleEvent: {
// schedule: every 2 hours
// action: @execute:/path/to/some/script.sh
// args: [
// "--foo", "--bar"
// ]
// }
}
}
statLog: {
systemEvents: {
// Max login history event records kept. -1 = unlimited
loginHistoryMax: -1
}
}
}