doc/md/Shaarli-configuration.md

   1 ## Foreword
   2
   3 **Do not edit configuration options in index.php! Your changes would be lost.**
   4
   5 Once your Shaarli instance is installed, the file `data/config.json.php` is generated:
   6 * it contains all settings in JSON format, and can be edited to customize values
   7 * it defines which [plugins](Plugin-System) are enabled
   8 * its values override those defined in `index.php`
   9 * it is wrap in a PHP comment to prevent anyone accessing it, regardless of server configuration
  10
  11 ## File and directory permissions
  12
  13 The server process running Shaarli must have:
  14
  15 - `read` access to the following resources:
  16     - PHP scripts: `index.php`, `application/*.php`, `plugins/*.php`
  17     - 3rd party PHP and Javascript libraries: `inc/*.php`, `inc/*.js`
  18     - static assets:
  19         - CSS stylesheets: `inc/*.css`
  20         - `images/*`
  21     - RainTPL templates: `tpl/*.html`
  22 - `read`, `write` and `execution` access to the following directories:
  23     - `cache` - thumbnail cache
  24     - `data` - link data store, configuration options
  25     - `pagecache` - Atom/RSS feed cache
  26     - `tmp` - RainTPL page cache
  27
  28 On a Linux distribution:
  29
  30 - the web server user will likely be `www` or `http` (for Apache2)
  31 - it will be a member of a group of the same name: `www:www`, `http:http`
  32 - to give it access to Shaarli, either:
  33     - unzip Shaarli in the default web server location (usually `/var/www/`) and set the web server user as the owner
  34     - put users in the same group as the web server, and set the appropriate access rights
  35 - if you have a domain / subdomain to serve Shaarli, [configure the server](Server-configuration) accordingly
  36
  37 ## Configuration
  38
  39 In `data/config.json.php`.
  40
  41 See also [Plugin System](Plugin-System).
  42
  43 ### Credentials
  44
  45 _These settings should not be edited_
  46
  47 - **login**: Login username.
  48 - **hash**: Generated password hash.
  49 - **salt**: Password salt.
  50
  51 ### General
  52
  53 - **title**: Shaarli's instance title.
  54 - **header_link**: Link to the homepage.
  55 - **links_per_page**: Number of shaares displayed per page.
  56 - **timezone**: See [the list of supported timezones](http://php.net/manual/en/timezones.php).
  57 - **enabled_plugins**: List of enabled plugins.
  58 - **default_note_title**: Default title of a new note.
  59 - **retrieve_description** (boolean): If set to true, for every new links Shaarli will try
  60 to retrieve the description and keywords from the HTML meta tags.
  61
  62 ### Security
  63
  64 - **session_protection_disabled**: Disable session cookie hijacking protection (not recommended).
  65   It might be useful if your IP adress often changes.
  66 - **ban_after**: Failed login attempts before being IP banned.
  67 - **ban_duration**: IP ban duration in seconds.
  68 - **open_shaarli**: Anyone can add a new link while logged out if enabled.
  69 - **trusted_proxies**: List of trusted IP which won't be banned after failed login attemps. Useful if Shaarli is behind a reverse proxy.
  70 - **allowed_protocols**: List of allowed protocols in shaare URLs or markdown-rendered descriptions. Useful if you want to store `javascript:` links (bookmarklets) in Shaarli (default: `["ftp", "ftps", "magnet"]`).
  71
  72 ### Resources
  73
  74 - **data_dir**: Data directory.
  75 - **datastore**: Shaarli's links database file path.
  76 - **history**: Shaarli's operation history file path.
  77 - **updates**: File path for the ran updates file.
  78 - **log**: Log file path.
  79 - **update_check**: Last update check file path.
  80 - **raintpl_tpl**: Templates directory.
  81 - **raintpl_tmp**: Template engine cache directory.
  82 - **thumbnails_cache**: Thumbnails cache directory.
  83 - **page_cache**: Shaarli's internal cache directory.
  84 - **ban_file**: Banned IP file path.
  85
  86 ### Translation
  87
  88 - **language**: translation language (also see [Translations](Translations))
  89     - **auto** (default): The translation language is chosen from the browser locale.
  90     It means that the language can be different for 2 different visitors depending on their locale.
  91     - **en**: Use the English translation.
  92     - **fr**: Use the French translation.
  93 - **mode**:
  94     - **auto** or **php** (default): Use the PHP implementation of gettext (slower)
  95     - **gettext**: Use PHP builtin gettext extension
  96     (faster, but requires `php-gettext` to be installed and to reload the web server on update)
  97 - **extension**: Translation extensions for custom themes or plugins.
  98 Must be an associative array: `translation domain => translation path`.
  99
 100 ### Updates
 101
 102 - **check_updates**: Enable or disable update check to the git repository.
 103 - **check_updates_branch**: Git branch used to check updates (e.g. `stable` or `master`).
 104 - **check_updates_interval**: Look for new version every N seconds (default: every day).
 105
 106 ### Privacy
 107
 108 - **default_private_links**: Check the private checkbox by default for every new link.
 109 - **hide_public_links**: All links are hidden while logged out.
 110 - **force_login**: if **hide_public_links** and this are set to `true`, all anonymous users are redirected to the login page.
 111 - **hide_timestamps**: Timestamps are hidden.
 112 - **remember_user_default**: Default state of the login page's *remember me* checkbox
 113     - `true`: checked by default, `false`: unchecked by default
 114
 115 ### Feed
 116
 117 - **rss_permalinks**: Enable this to redirect RSS links to Shaarli's permalinks instead of shaared URL.
 118 - **show_atom**: Display ATOM feed button.
 119
 120 ### Thumbnail
 121
 122 - **enable_thumbnails**: Enable or disable thumbnail display.
 123 - **enable_localcache**: Enable or disable local cache.
 124
 125 ### LDAP
 126
 127 - **host**: LDAP host used for user authentication
 128 - **dn**: user DN template (`sprintf` format, `%s` being replaced by user login)
 129
 130 ## Configuration file example
 131
 132 ```json
 133 <?php /*
 134 {
 135     "credentials": {
 136         "login": "<login>",
 137         "hash": "<password hash>",
 138         "salt": "<password salt>"
 139     },
 140     "security": {
 141         "ban_after": 4,
 142         "session_protection_disabled": false,
 143         "ban_duration": 1800,
 144         "trusted_proxies": [
 145             "1.2.3.4",
 146             "5.6.7.8"
 147         ],
 148         "allowed_protocols": [
 149             "ftp",
 150             "ftps",
 151             "magnet"
 152         ]
 153     },
 154     "resources": {
 155         "data_dir": "data",
 156         "config": "data\/config.php",
 157         "datastore": "data\/datastore.php",
 158         "ban_file": "data\/ipbans.php",
 159         "updates": "data\/updates.txt",
 160         "log": "data\/log.txt",
 161         "update_check": "data\/lastupdatecheck.txt",
 162         "raintpl_tmp": "tmp\/",
 163         "raintpl_tpl": "tpl\/",
 164         "thumbnails_cache": "cache",
 165         "page_cache": "pagecache"
 166     },
 167     "general": {
 168         "check_updates": true,
 169         "rss_permalinks": true,
 170         "links_per_page": 20,
 171         "default_private_links": true,
 172         "enable_thumbnails": true,
 173         "enable_localcache": true,
 174         "check_updates_branch": "stable",
 175         "check_updates_interval": 86400,
 176         "enabled_plugins": [
 177             "markdown",
 178             "wallabag",
 179             "archiveorg"
 180         ],
 181         "timezone": "Europe\/Paris",
 182         "title": "My Shaarli",
 183         "header_link": "?"
 184     },
 185     "extras": {
 186         "show_atom": false,
 187         "hide_public_links": false,
 188         "hide_timestamps": false,
 189         "open_shaarli": false,
 190     },
 191     "general": {
 192         "header_link": "?",
 193         "links_per_page": 20,
 194         "enabled_plugins": [
 195             "markdown",
 196             "wallabag"
 197         ],
 198         "timezone": "Europe\/Paris",
 199         "title": "My Shaarli"
 200     },
 201     "updates": {
 202         "check_updates": true,
 203         "check_updates_branch": "stable",
 204         "check_updates_interval": 86400
 205     },
 206     "feed": {
 207         "rss_permalinks": true,
 208         "show_atom": false
 209     },
 210     "privacy": {
 211         "default_private_links": true,
 212         "hide_public_links": false,
 213         "force_login": false,
 214         "hide_timestamps": false,
 215         "remember_user_default": true
 216     },
 217     "thumbnail": {
 218         "enable_thumbnails": true,
 219         "enable_localcache": true
 220     },
 221     "plugins": {
 222         "WALLABAG_URL": "http://demo.wallabag.org",
 223         "WALLABAG_VERSION": "1"
 224     },
 225     "translation": {
 226         "language": "fr",
 227         "mode": "php",
 228         "extensions": {
 229             "demo": "plugins/demo_plugin/languages/"
 230         }
 231     },
 232     "ldap": {
 233         "host": "ldap://localhost",
 234         "dn": "uid=%s,ou=people,dc=example,dc=org"
 235     }
 236 } ?>
 237 ```
 238
 239 ## Additional configuration
 240
 241 The `playvideos` plugin may require that you adapt your server's
 242 [Content Security Policy](https://github.com/shaarli/Shaarli/blob/master/plugins/playvideos/README.md#troubleshooting)
 243 configuration to work properly.
 244