3 // Provide default values for all configuration.
5 const { name: packageName
, version: packageVersion
} = require('../package.json');
6 const common
= require('../src/common');
7 const Enum
= require('../src/enum');
8 const roman
= require('@squeep/roman');
10 const currentYear
= (new Date()).getFullYear();
11 const romanYearHTML
= roman
.toRoman(currentYear
, true);
13 const defaultOptions
= {
14 // Uniquely identify this instance.
15 nodeId: common
.requestId(), // Default to ephemeral ID: easiest for clustered deployments.
17 encryptionSecret: '', // No default; set this to a long passphrase or randomness.
18 // This may also be set to an array, if secret needs to be rolled. This needs more documentation.
20 // Dingus API Server Framework options.
22 // This needs to be the full externally accessible root URL, including any proxyPrefix component.
25 // trustProxy: true, // If true, trust values of some headers regarding client IP address and protocol.
26 proxyPrefix: '', // Leading path parts to ignore when parsing routes, and include when constructing links, e.g. /indieauth
29 // The terminal portions of API route path endpoints.
31 authorization: 'auth',
33 healthcheck: 'healthcheck',
34 introspection: 'introspect',
44 connectionString: '', // e.g. sqlite://path/to/dbfile.sqlite
45 queryLogLevel: undefined, // Set to log queries
47 // SQLite specific options
48 sqliteOptimizeAfterChanges: 0, // Number of changes before running pragma optimize, 0 for never
51 // Queue options, currently only for handing off ticket offers
54 url: undefined, // AMQP endpoint, e.g. 'amqp://user:pass@rmq.host:5672' If not specified, ticket endpoint will be disabled
57 ticketPublishName: 'ticket.proffered', // exchange to publish proffered tickets to
58 ticketRedeemedName: 'ticket.redeemed', // exchange to publish redeemed ticket tokens to
63 ignoreBelowLevel: 'info',
67 codeValidityTimeoutMs: 10 * 60 * 1000,
68 ticketLifespanSeconds: 300,
69 pageTitle: packageName
, // title on html pages
70 logoUrl: 'static/logo.svg', // image to go with title
71 footerEntries: [ // common footers on all html pages
72 '<a href="https://git.squeep.com/?p=squeep-indie-auther;a=tree">Development Repository</a>',
73 `<span class="copyright">©<time datetime="${currentYear}">${romanYearHTML}</time></span>`,
75 allowLegacyNonPKCE: false, // Whether to process auth requests lacking code challenges
79 scopeCleanupMs: 0, // how often to clean up unreferenced scopes, 0 for never
80 tokenCleanupMs: 0, // how often to clean up no-longer-valid scopes, 0 for never
81 publishTicketsMs: 0, // how often to try to re-publish unpublished redeemed ticket tokens
84 // Outgoing request UA header. Setting these here to override helper defaults.
87 version: packageVersion
,
88 implementation: Enum
.Specification
,
92 authnEnabled: ['argon2', 'pam'], // Types of authentication to attempt.
93 secureAuthOnly: true, // Require secure transport for authentication.
94 forbiddenPAMIdentifiers: [
101 module
.exports
= defaultOptions
;