3 **Do not edit configuration options in index.php! Your changes would be lost.**
5 Once your Shaarli instance is installed, the file `data/config.json.php` is generated:
6 * it contains all settings in JSON format, and can be edited to customize values
7 * it defines which [plugins](Plugin-System) are enabled[](.html)
8 * its values override those defined in `index.php`
9 * it is wrap in a PHP comment to prevent anyone accessing it, regardless of server configuration
11 ## File and directory permissions
13 The server process running Shaarli must have:
14 - `read` access to the following resources:
15 - PHP scripts: `index.php`, `application/*.php`, `plugins/*.php`
16 - 3rd party PHP and Javascript libraries: `inc/*.php`, `inc/*.js`
18 - CSS stylesheets: `inc/*.css`
20 - RainTPL templates: `tpl/*.html`
21 - `read`, `write` and `execution` access to the following directories:
22 - `cache` - thumbnail cache
23 - `data` - link data store, configuration options
24 - `pagecache` - Atom/RSS feed cache
25 - `tmp` - RainTPL page cache
27 On a Linux distribution:
28 - the web server user will likely be `www` or `http` (for Apache2)
29 - it will be a member of a group of the same name: `www:www`, `http:http`
30 - to give it access to Shaarli, either:
31 - unzip Shaarli in the default web server location (usually `/var/www/`) and set the web server user as the owner
32 - put users in the same group as the web server, and set the appropriate access rights
33 - if you have a domain / subdomain to serve Shaarli, [configure the server](Server-configuration) accordingly[](.html)
37 In `data/config.json.php`.
39 See also [Plugin System](Plugin-System.html).
43 > You shouldn't edit those.
45 **login**: Login username.
46 **hash**: Generated password hash.
47 **salt**: Password salt.
51 **title**: Shaarli's instance title.
52 **header_link**: Link to the homepage.
53 **links_per_page**: Number of shaares displayed per page.
54 **timezone**: See [the list of supported timezones](http://php.net/manual/en/timezones.php).
55 **enabled_plugins**: List of enabled plugins.
59 **session_protection_disabled**: Disable session cookie hijacking protection (not recommended).
60 It might be useful if your IP adress often changes.
61 **ban_after**: Failed login attempts before being IP banned.
62 **ban_duration**: IP ban duration in seconds.
63 **open_shaarli**: Anyone can add a new link while logged out if enabled.
64 **trusted_proxies**: List of trusted IP which won't be banned after failed login attemps. Useful if Shaarli is behind a reverse proxy.
65 **allowed_protocols**: List of allowed protocols in shaare URLs or markdown-rendered descriptions. Useful if you want to store `javascript:` links (bookmarklets) in Shaarli (default: `["ftp", "ftps", "magnet"]`).
69 **data_dir**: Data directory.
70 **datastore**: Shaarli's links database file path.
71 **history**: Shaarli's operation history file path.
72 **updates**: File path for the ran updates file.
73 **log**: Log file path.
74 **update_check**: Last update check file path.
75 **raintpl_tpl**: Templates directory.
76 **raintpl_tmp**: Template engine cache directory.
77 **thumbnails_cache**: Thumbnails cache directory.
78 **page_cache**: Shaarli's internal cache directory.
79 **ban_file**: Banned IP file path.
83 **check_updates**: Enable or disable update check to the git repository.
84 **check_updates_branch**: Git branch used to check updates (e.g. `stable` or `master`).
85 **check_updates_interval**: Look for new version every N seconds (default: every day).
89 **default_private_links**: Check the private checkbox by default for every new link.
90 **hide_public_links**: All links are hidden while logged out.
91 **hide_timestamps**: Timestamps are hidden.
95 **rss_permalinks**: Enable this to redirect RSS links to Shaarli's permalinks instead of shaared URL.
96 **show_atom**: Display ATOM feed button.
100 **enable_thumbnails**: Enable or disable thumbnail display.
101 **enable_localcache**: Enable or disable local cache.
105 **url**: Redirector URL, such as `anonym.to`.
106 **encode_url**: Enable this if the redirector needs encoded URL to work properly.
108 ## Configuration file example
115 "hash": "<password hash>",
116 "salt": "<password salt>"
120 "session_protection_disabled": false,
121 "ban_duration": 1800,
126 "allowed_protocols": [
134 "config": "data\/config.php",
135 "datastore": "data\/datastore.php",
136 "ban_file": "data\/ipbans.php",
137 "updates": "data\/updates.txt",
138 "log": "data\/log.txt",
139 "update_check": "data\/lastupdatecheck.txt",
140 "raintpl_tmp": "tmp\/",
141 "raintpl_tpl": "tpl\/",
142 "thumbnails_cache": "cache",
143 "page_cache": "pagecache"
146 "check_updates": true,
147 "rss_permalinks": true,
148 "links_per_page": 20,
149 "default_private_links": true,
150 "enable_thumbnails": true,
151 "enable_localcache": true,
152 "check_updates_branch": "stable",
153 "check_updates_interval": 86400,
159 "timezone": "Europe\/Paris",
160 "title": "My Shaarli",
165 "hide_public_links": false,
166 "hide_timestamps": false,
167 "open_shaarli": false,
168 "redirector": "http://anonym.to/?",
169 "redirector_encode_url": false
173 "links_per_page": 20,
178 "timezone": "Europe\/Paris",
179 "title": "My Shaarli"
182 "check_updates": true,
183 "check_updates_branch": "stable",
184 "check_updates_interval": 86400
187 "rss_permalinks": true,
191 "default_private_links": true,
192 "hide_public_links": false,
193 "hide_timestamps": false
196 "enable_thumbnails": true,
197 "enable_localcache": true
200 "url": "http://anonym.to/?",
204 "WALLABAG_URL": "http://demo.wallabag.org",
205 "WALLABAG_VERSION": "1"
210 ## Additional configuration
212 The playvideos plugin may require that you adapt your server's
213 [Content Security Policy](https://github.com/shaarli/Shaarli/blob/master/plugins/playvideos/README.md#troubleshooting)
214 configuration to work properly.[](.html)