-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path.env
62 lines (51 loc) · 2.95 KB
/
.env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
# All the values in this file can be overridden in a file named .env.local
# NB: make sure that one is never stored in git
DB_DSN=sqlite:/var/www/VeraCrypt-CrashCollector/var/data/crashcollector.db
DB_USER=
DB_PASSWORD=
REDIS_HOST=127.0.0.1
REDIS_PORT=6379
REDIS_PASSWORD=
# When empty, the client's IP address will be taken from $_SERVER['REMOTE_ADDR'].
# Set it to a non empty string to have the client IP be extracted from a request HTTP header.
# Supported values: HTTP_CLIENT_IP, HTTP_FASTLY_CLIENT_IP, HTTP_TRUE_CLIENT_IP, HTTP_X_REAL_IP, HTTP_X_FORWARDED_FOR
# NB: HTTP_FASTLY_CLIENT_IP is not reliable by default, you have to set up dedicated vcl code for that, see https://www.fastly.com/documentation/reference/http/http-headers/Fastly-Client-IP/
# NB: when setting it to a non empty value, TRUSTED_PROXIES has to be set as well (see below for details).
CLIENT_IP_HEADER=
# Csv list of IP addresses of proxies that you trust to set a truthful header identifying the client ip address.
# This means that the first proxy in the truthful chain _has to_ reset the designated http header if it receives it in
# its request.
# When a request comes in from an IP which is not in TRUSTED_PROXIES, $_SERVER['REMOTE_ADDR'] will be used as client IP
TRUSTED_PROXIES=
APP_DEBUG=false
# NB: should always have a trailing slash
ROOT_URL=/
# Used for links when sending password-reset emails
WEBSITE=https://crashcollector.veracrypt.fr
# Used when sending password-reset emails
MAIL_FROM=crashcollector@veracrypt.fr
# Set to true to make the app generate urls such as `/admin/` instead of `/admin/index.php`.
# NB: this requires matching webserver configuration, such as `index index.php` for Nginx
URLS_STRIP_INDEX_DOT_PHP=false
# Set to true to make the app generate urls such as `/report/upload` instead of `/report/upload.php`.
# NB: this requires matching webserver configuration, see f.e.
# https://serverfault.com/questions/761627/nginx-rewrite-to-remove-php-from-files-has-no-effect-but-to-redirect-to-homepag
URLS_STRIP_PHP_EXTENSION=false
# Enable/disable the feature to allow users self-service password reset via being sent an email, aka. 'forgot password'
ENABLE_FORGOTPASSWORD=true
# Enable/disable the feature to allow uploading crash reports via a browser-based form instead of using API as VeraCrypt does
ENABLE_BROWSER_UPLOAD=false
LOG_DIR=/var/www/VeraCrypt-CrashCollector/var/logs
# The audit log traces user events such as login, password changes, etc
AUDIT_LOG_FILE=audit.log
# see Psr\Log\LogLevel for valid values
AUDIT_LOG_LEVEL=info
# Algorithm can be set to '2y' (bcrypt), 'argon2i', 'argon2id', the latter 2 only if an appropriate extension is loaded.
# If left unspecified, the php default algorithm will be used
PWD_HASH_ALGORITHM=
# Values below 31 are accepted. Lower-bound to 13
PWD_HASH_COST=
# Lower-bound to max(4, SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE)
PWD_HASH_OPSLIMIT=
# Lower-bound to max(64 * 1024 * 1024, SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE)
PWD_HASH_MEMLIMIT=