summaryrefslogtreecommitdiffstats
path: root/gomf.conf
blob: 9a0dc47efd5db0960a5d9487e6f6575a08891416 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# vim: set ft=sh:

#shellcheck disable=SC2034

# Simple startup/configuration script for Gomf
# Leave options blank ("OPTION=", "OPTION=''") or comment them out to use Gomf
# defaults (see `gomf --help`)


# The website name, appearing on web pages
#NAME='Gomf'

# The hostname to serve uploaded files on
#
# By default, any connection can serve files on path /u/$file, but, if enabled,
# this host will serve them directly on /$file.
#UPLOAD_HOST=u.example.com

# The URL to serve uploaded files on
#
# Generated URLs will be $UPLOAD_URL/$file.$ext.
# If not specified, it is generated depending on which variables are set:
# - $UPLOAD_HOST and $LISTEN_HTTPS: https://$UPLOAD_HOST/
# - $UPLOAD_HOST and $LISTEN_HTTP: http://$UPLOAD_HOST/
# - $LISTEN_HTTPS: https://$LISTEN_HTTPS/u/
# - $LISTEN_HTTP: http://$LISTEN_HTTP/u/
#UPLOAD_URL=https://u.example.com/

# The contact email address, appearing on web pages
#CONTACT_EMAIL=contact@example.com

# The abuse contact email address, appearing on web pages
#ABUSE_EMAIL=abuse@example.com

# Adds the HSTS header to responses
#HSTS=0

# Sets the Content-Security-Policy header
#
# Useful for disallowing script execution in XML-based formats (e.g. SVG).
# Gomf default is "default-src 'none'; media-src 'self'", which blocks all
# scripts but allows inline video playback. 
# Set to "0" to disable the CSP header.
#CSP="default-src 'none'; media-src 'self'"

# Allows serving HTML/XHTML files with their actual MIME types
#
# If disabled, text/html and application/xhtml+xml will be served as types
# text/plain to prevent rendering thme in browser and to keep services such as
# CloudFlare from modifying them to insert its tracking JavaScript.
#ALLOW_HTML=0

# Sets Access-Control-Allow-Origin header to "*"
#
# This enables CORS and allows other sites' JavaScript applications to upload
# files using XMLHttpRequest.
#CORS=1

# Enables grills
#
# With this enabled, the path /grill.php will serve a redirect to a random file
# from the static/grill/ directory. This is used as a background-image in the
# bottom right corner in the default gomf-web style.
#GRILL=1

# The charset used to generate file IDs
#
# Should only contain URL-safe characters. Must not contain / and _.
#ID_CHARSET='abcdefghijklmnopqrstuvwxyz'

# The length of generated file IDs
#ID_LENGTH=6

# Maximum allowed size in MiB
#
# When blank/commented, no maximum upload size is enforced.
#MAX_SIZE_MIB=50

# Enable whitelist mode instead of blacklist for filters
#
# When enabled, only the file extensions/types specified in filters are allowed
# and all others are blocked. When disabled, the extensions/types in filters
# are blocked and all others are allowed.
#WHITELIST=0

# The file extensions (without leading dot) to filter
#
# Set to an empty array to disable.
#FILTER_EXT=(exe dll msi scr com pif)

# The file MIME types to filter
#
# Set to an empty array to disable.
#FILTER_MIME=(
#	application/x-dosexec
#	application/x-msdos-program
#)

# Enable logging
#
# When set to 1, all uploads are logged to $GOMF_ROOT/log/.
LOG=1

# Enable logging of IP addresses
#LOG_IP=0

# Enable logging of hashed IP addresses
#LOG_IP_HASH=0

# Enable logging of User-Agent headers
#LOG_UA=0

# Enable logging of hashed User-Agent headers
#LOG_UA_HASH=0

# Enable logging of Referer headers
#LOG_REFERER=0

# Enable logging of hashed Referer headers
#LOG_REFERER_HASH=0

# Salt for hashed log entries
#
# Used to obfuscate entries when LOG_*_HASH option is enabled for privacy.
#LOG_HASH_SALT='put some unique string here'

# Count of trusted reverse proxies
#
# Used to determine which, if any, X-Forwarded-For or X-Real-IP to trust when
# logging or hashing the uploaders' IP addresses
PROXY_COUNT=1