X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;ds=sidebyside;f=config%2Fdefault.js;h=bbc66fcd2fcf6f4249deeb483136abf630d3ea01;hb=846fd81473a87284f52833154ddca0bf95b3046f;hp=5c7091fce7ce87befc70a54bc1146856d141f4dd;hpb=9696c012e6b9a6c58904baa397ca0ebf78112316;p=websub-hub
diff --git a/config/default.js b/config/default.js
index 5c7091f..bbc66fc 100644
--- a/config/default.js
+++ b/config/default.js
@@ -9,6 +9,9 @@ const defaultOptions = {
// Uniquely identify this instance, used to tag work-in-progress.
nodeId: common.requestId(), // Default to ephemeral ID: easiest for clustered deployments.
+ // This should be set to a reasonably long passphrase or random buffer, to keep client session data secure.
+ encryptionSecret: undefined, // REQUIRED
+
// Dingus API Server Framework options. Be sure to set the one REQUIRED option here.
dingus: {
// This needs to be the full externally accessible root URL, including any proxyPrefix component, which clients will connect to, and which topics will list as their hub link.
@@ -22,6 +25,12 @@ const defaultOptions = {
db: {
connectionString: '', // e.g. sqlite://path/to/dbfile.sqlite
queryLogLevel: undefined, // Set to log queries
+ cacheEnabled: true, // Cache some db responses. (Postgres only)
+ listener: { // Settings for the cache-invalidator connection. (Postgres only)
+ // pingDelayMs: 5000, // Connection keep-alive/health-check.
+ // reconnectDelayMs: 6000, // Wait time before attempting reconnection.
+ // reconnectTimes: 10, // Retries limit.
+ },
},
// Logging options
@@ -38,6 +47,10 @@ const defaultOptions = {
manager: {
pageTitle: packageName, // title on html pages
+ footerEntries: [ // common footers on all html pages
+ 'Development Repository / GitHub mirror',
+ '©',
+ ],
strictSecrets: false, // If true, reject requests with secrets but not over https
publicHub: true, // Accept publish requests as new topics.
processImmediately: true, // If true, immediately attempt to process requests when accepted.
@@ -59,6 +72,8 @@ const defaultOptions = {
authenticator: {
basicRealm: packageName, // Realm prompt for login on administration pages
secureAuthOnly: true, // Require secure transport for authentication.
+ authnEnabled: ['argon2', 'pam'],
+ forbiddenPAMIdentifiers: ['root'],
},
worker: {