2013-12-20 00:17:21 -05:00
|
|
|
#
|
|
|
|
# DO NOT EDIT THIS FILE
|
|
|
|
# If you need to make changes create a file called discourse.conf in this directory with your changes
|
2014-06-03 18:38:10 -04:00
|
|
|
# On import this file will be imported using ERB
|
2013-12-20 02:01:41 -05:00
|
|
|
#
|
2013-12-20 00:17:21 -05:00
|
|
|
|
|
|
|
# Discourse supports multiple mechanisms for production config.
|
|
|
|
#
|
|
|
|
# 1. You can do nothing and get these defaults (not recommended, you should at least set hostname)
|
|
|
|
# 2. You can copy this file to config/discourse.conf and amend with your settings
|
|
|
|
# 3. You can pass in config from your environment, all the settings below are available.
|
2013-12-20 02:01:41 -05:00
|
|
|
# Append DISCOURSE_ and upper case the setting in ENV. For example:
|
|
|
|
# to pass in db_timeout of 200 you would use DISCOURSE_DB_TIMEOUT=200
|
2013-12-20 00:17:21 -05:00
|
|
|
|
|
|
|
# All settings apply to production only
|
|
|
|
|
2014-05-21 19:00:24 -04:00
|
|
|
# connection pool size, sidekiq is set to 5, allowing an extra 3 for bg threads
|
|
|
|
db_pool = 8
|
2013-12-20 00:17:21 -05:00
|
|
|
|
2017-10-17 00:32:41 -04:00
|
|
|
# ActiveRecord connection pool timeout in milliseconds
|
2013-12-20 00:17:21 -05:00
|
|
|
db_timeout = 5000
|
|
|
|
|
2017-10-17 00:34:49 -04:00
|
|
|
# Database connection timeout in seconds
|
2017-10-17 00:32:41 -04:00
|
|
|
db_connect_timeout = 5
|
|
|
|
|
2013-12-20 00:17:21 -05:00
|
|
|
# socket file used to access db
|
2013-12-20 00:23:01 -05:00
|
|
|
db_socket =
|
2013-12-20 00:17:21 -05:00
|
|
|
|
|
|
|
# host address for db server
|
2014-01-05 20:25:29 -05:00
|
|
|
# This is set to blank so it tries to use sockets first
|
|
|
|
db_host =
|
2013-12-20 00:17:21 -05:00
|
|
|
|
2018-03-08 21:22:29 -05:00
|
|
|
# host address for db server when taking a backup via `pg_dump`
|
|
|
|
# Defaults to `db_host` if not configured
|
|
|
|
db_backup_host =
|
|
|
|
|
2014-01-05 20:25:29 -05:00
|
|
|
# port running db server, no need to set it
|
|
|
|
db_port =
|
2013-12-20 00:17:21 -05:00
|
|
|
|
2018-03-08 21:22:29 -05:00
|
|
|
# db server port to use when taking a backup via `pg_dump`
|
|
|
|
db_backup_port = 5432
|
|
|
|
|
2013-12-20 00:17:21 -05:00
|
|
|
# database name running discourse
|
|
|
|
db_name = discourse
|
|
|
|
|
|
|
|
# username accessing database
|
|
|
|
db_username = discourse
|
|
|
|
|
|
|
|
# password used to access the db
|
|
|
|
db_password =
|
|
|
|
|
2015-10-18 23:02:22 -04:00
|
|
|
# Disallow prepared statements
|
|
|
|
# see: https://github.com/rails/rails/issues/21992
|
|
|
|
db_prepared_statements = false
|
2015-02-17 19:16:53 -05:00
|
|
|
|
2016-01-25 01:27:59 -05:00
|
|
|
# host address for db replica server
|
|
|
|
db_replica_host =
|
|
|
|
|
|
|
|
# port running replica db server, defaults to 5432 if not set
|
|
|
|
db_replica_port =
|
|
|
|
|
2020-06-15 02:33:30 -04:00
|
|
|
db_advisory_locks = true
|
|
|
|
|
2013-12-20 00:17:21 -05:00
|
|
|
# hostname running the forum
|
|
|
|
hostname = "www.example.com"
|
|
|
|
|
2015-07-23 01:33:38 -04:00
|
|
|
# backup hostname mainly for cdn use
|
|
|
|
backup_hostname =
|
2015-07-23 01:22:54 -04:00
|
|
|
|
2013-12-20 00:17:21 -05:00
|
|
|
# address of smtp server used to send emails
|
|
|
|
smtp_address =
|
|
|
|
|
|
|
|
# port of smtp server used to send emails
|
|
|
|
smtp_port = 25
|
|
|
|
|
|
|
|
# domain passed to smtp server
|
|
|
|
smtp_domain =
|
|
|
|
|
|
|
|
# username for smtp server
|
|
|
|
smtp_user_name =
|
|
|
|
|
|
|
|
# password for smtp server
|
|
|
|
smtp_password =
|
|
|
|
|
2014-01-06 07:49:42 -05:00
|
|
|
# smtp authentication mechanism
|
|
|
|
smtp_authentication = plain
|
|
|
|
|
2013-12-20 00:17:21 -05:00
|
|
|
# enable TLS encryption for smtp connections
|
|
|
|
smtp_enable_start_tls = true
|
|
|
|
|
2014-05-07 17:59:05 -04:00
|
|
|
# mode for verifying smtp server certificates
|
|
|
|
# to disable, set to 'none'
|
|
|
|
smtp_openssl_verify_mode =
|
|
|
|
|
2014-07-16 18:34:30 -04:00
|
|
|
# load MiniProfiler in production, to be used by developers
|
|
|
|
load_mini_profiler = true
|
2013-12-20 00:17:21 -05:00
|
|
|
|
2020-09-17 11:18:35 -04:00
|
|
|
# Every how many requests should MP profile a request (aka take snapshot)
|
|
|
|
# Default is never
|
|
|
|
mini_profiler_snapshots_period = 0
|
|
|
|
|
2013-12-20 00:17:21 -05:00
|
|
|
# recommended, cdn used to access assets
|
|
|
|
cdn_url =
|
|
|
|
|
2020-05-12 11:34:12 -04:00
|
|
|
# The hostname used by the CDN to request assets
|
|
|
|
cdn_origin_hostname =
|
|
|
|
|
2014-02-10 02:11:52 -05:00
|
|
|
# comma delimited list of emails that have developer level access
|
2013-12-20 00:17:21 -05:00
|
|
|
developer_emails =
|
|
|
|
|
|
|
|
# redis server address
|
|
|
|
redis_host = localhost
|
|
|
|
|
|
|
|
# redis server port
|
|
|
|
redis_port = 6379
|
|
|
|
|
2016-03-02 09:01:48 -05:00
|
|
|
# redis slave server address
|
|
|
|
redis_slave_host =
|
|
|
|
|
|
|
|
# redis slave server port
|
2016-03-11 02:07:07 -05:00
|
|
|
redis_slave_port = 6379
|
2016-03-02 09:01:48 -05:00
|
|
|
|
2013-12-30 16:39:43 -05:00
|
|
|
# redis database
|
|
|
|
redis_db = 0
|
|
|
|
|
2013-12-20 00:17:21 -05:00
|
|
|
# redis password
|
|
|
|
redis_password =
|
2014-02-10 02:11:52 -05:00
|
|
|
|
2019-01-03 23:08:22 -05:00
|
|
|
# skip configuring client id for cloud providers who support no client commands
|
|
|
|
redis_skip_client_commands = false
|
2015-06-25 02:51:48 -04:00
|
|
|
|
2020-03-05 17:21:38 -05:00
|
|
|
# uses SSL for all Redis connections if true
|
|
|
|
redis_use_ssl = false
|
|
|
|
|
2019-05-28 01:52:43 -04:00
|
|
|
# message bus redis server switch
|
|
|
|
message_bus_redis_enabled = false
|
|
|
|
|
|
|
|
# message bus redis server address
|
|
|
|
message_bus_redis_host = localhost
|
|
|
|
|
|
|
|
# message bus redis server port
|
|
|
|
message_bus_redis_port = 6379
|
|
|
|
|
|
|
|
# message bus redis slave server address
|
|
|
|
message_bus_redis_slave_host =
|
|
|
|
|
|
|
|
# message bus redis slave server port
|
|
|
|
message_bus_redis_slave_port = 6379
|
|
|
|
|
|
|
|
# message bus redis database
|
|
|
|
message_bus_redis_db = 0
|
|
|
|
|
|
|
|
# message bus redis password
|
|
|
|
message_bus_redis_password =
|
|
|
|
|
|
|
|
# skip configuring client id for cloud providers who support no client commands
|
|
|
|
message_bus_redis_skip_client_commands = false
|
|
|
|
|
2014-02-10 02:11:52 -05:00
|
|
|
# enable Cross-origin Resource Sharing (CORS) directly at the application level
|
|
|
|
enable_cors = false
|
2011-10-15 14:00:00 -04:00
|
|
|
cors_origin = ''
|
2014-02-16 18:43:57 -05:00
|
|
|
|
|
|
|
# enable if you really need to serve assets in prd
|
|
|
|
serve_static_assets = false
|
2014-05-13 20:21:11 -04:00
|
|
|
|
|
|
|
# number of sidekiq workers (launched via unicorn master)
|
|
|
|
sidekiq_workers = 5
|
2014-08-08 02:31:31 -04:00
|
|
|
|
|
|
|
# adjust stylesheets to rtl (requires "rtlit" gem)
|
2014-08-22 20:02:14 -04:00
|
|
|
rtl_css = false
|
|
|
|
|
2015-02-16 17:58:23 -05:00
|
|
|
# connection reaping helps keep connection counts down, postgres
|
|
|
|
# will not work properly with huge numbers of open connections
|
|
|
|
# reap connections from pool that are older than 30 seconds
|
|
|
|
connection_reaper_age = 30
|
2018-06-14 04:22:02 -04:00
|
|
|
|
2015-02-16 17:58:23 -05:00
|
|
|
# run reap check every 30 seconds
|
|
|
|
connection_reaper_interval = 30
|
2015-03-08 20:45:36 -04:00
|
|
|
|
|
|
|
# set to relative URL (for subdirectory hosting)
|
|
|
|
# IMPORTANT: path must not include a trailing /
|
|
|
|
# EG: /forum
|
2018-04-10 16:27:03 -04:00
|
|
|
relative_url_root =
|
2016-02-03 21:58:38 -05:00
|
|
|
|
|
|
|
# increasing this number will increase redis memory use
|
|
|
|
# this ensures backlog (ability of channels to catch up are capped)
|
|
|
|
# message bus default cap is 1000, we are winding it down to 100
|
|
|
|
message_bus_max_backlog_size = 100
|
2017-01-31 17:21:37 -05:00
|
|
|
|
|
|
|
# must be a 64 byte hex string, anything else will be ignored with a warning
|
|
|
|
secret_key_base =
|
2017-03-20 15:59:06 -04:00
|
|
|
|
|
|
|
# fallback path for all assets which are served via the application
|
|
|
|
# used by static_controller
|
|
|
|
# in multi host setups this allows you to have old unicorn instances serve
|
|
|
|
# newly compiled assets
|
|
|
|
fallback_assets_path =
|
2017-10-06 01:20:01 -04:00
|
|
|
|
|
|
|
# S3 settings used for serving ALL public files
|
|
|
|
# be sure to configre a CDN as well per cdn_url
|
|
|
|
s3_bucket =
|
|
|
|
s3_region =
|
|
|
|
s3_access_key_id =
|
|
|
|
s3_secret_access_key =
|
2019-08-29 08:17:41 -04:00
|
|
|
s3_use_iam_profile =
|
2017-10-06 01:20:01 -04:00
|
|
|
s3_cdn_url =
|
2018-07-16 00:44:55 -04:00
|
|
|
s3_endpoint =
|
2020-04-29 18:04:59 -04:00
|
|
|
s3_http_continue_timeout =
|
2020-05-25 16:09:34 -04:00
|
|
|
s3_install_cors_rule =
|
2017-12-10 19:07:22 -05:00
|
|
|
|
|
|
|
### rate limits apply to all sites
|
|
|
|
max_user_api_reqs_per_minute = 20
|
|
|
|
max_user_api_reqs_per_day = 2880
|
|
|
|
|
|
|
|
max_admin_api_reqs_per_key_per_minute = 60
|
2017-12-11 01:21:00 -05:00
|
|
|
|
2018-01-21 21:18:30 -05:00
|
|
|
max_reqs_per_ip_per_minute = 200
|
|
|
|
max_reqs_per_ip_per_10_seconds = 50
|
2018-03-05 23:20:39 -05:00
|
|
|
|
|
|
|
# applies to asset type routes (avatars/css and so on)
|
|
|
|
max_asset_reqs_per_ip_per_10_seconds = 200
|
|
|
|
|
2018-01-07 16:39:17 -05:00
|
|
|
# global rate limiter will simply warn if the limit is exceeded, can be warn+block, warn, block or none
|
2019-11-17 23:54:50 -05:00
|
|
|
max_reqs_per_ip_mode = block
|
2018-01-07 16:39:17 -05:00
|
|
|
|
|
|
|
# bypass rate limiting any IP resolved as a private IP
|
2018-01-21 21:18:30 -05:00
|
|
|
max_reqs_rate_limit_on_private = false
|
2018-04-18 02:58:40 -04:00
|
|
|
|
|
|
|
# logged in DoS protection
|
|
|
|
|
|
|
|
# protection will only trigger for requests that queue longer than this amount
|
2018-04-22 21:54:58 -04:00
|
|
|
force_anonymous_min_queue_seconds = 1
|
2018-04-18 02:58:40 -04:00
|
|
|
# only trigger anon if we see more than N requests for this path in last 10 seconds
|
|
|
|
force_anonymous_min_per_10_seconds = 3
|
|
|
|
|
2020-10-13 01:56:03 -04:00
|
|
|
# Any requests with the headers Discourse-Background = true will not be allowed to queue
|
|
|
|
# longer than this amount of time.
|
|
|
|
# Discourse will rate limit and ask client to try again later.
|
|
|
|
background_requests_max_queue_length = 0.5
|
|
|
|
|
2019-08-09 03:47:44 -04:00
|
|
|
# if a message bus request queues for 100ms or longer, we will reject it and ask consumer
|
|
|
|
# to back off
|
|
|
|
reject_message_bus_queue_seconds = 0.1
|
|
|
|
|
2019-07-01 21:21:52 -04:00
|
|
|
# disable search if app server is queueing for longer than this (in seconds)
|
|
|
|
disable_search_queue_threshold = 1
|
|
|
|
|
2019-01-03 17:24:46 -05:00
|
|
|
# maximum number of posts rebaked across the cluster in the periodical job
|
|
|
|
# rebake process is very expensive, on multisite we have to make sure we never
|
|
|
|
# flood the queue
|
|
|
|
max_old_rebakes_per_15_minutes = 300
|
|
|
|
|
2019-03-21 23:11:21 -04:00
|
|
|
# maximum number of log messages in /logs
|
|
|
|
max_logster_logs = 1000
|
|
|
|
|
2019-05-27 02:51:24 -04:00
|
|
|
# during precompile update maxmind database if older than N days
|
|
|
|
# set to 0 to disable
|
2020-01-03 00:31:28 -05:00
|
|
|
refresh_maxmind_db_during_precompile_days = 2
|
2019-05-27 02:51:24 -04:00
|
|
|
|
|
|
|
# backup path containing maxmind db files
|
|
|
|
maxmind_backup_path =
|
|
|
|
|
2020-01-03 00:31:28 -05:00
|
|
|
# register an account at: https://www.maxmind.com/en/geolite2/signup
|
|
|
|
# then head to profile and get your license key
|
|
|
|
maxmind_license_key=
|
|
|
|
|
2019-06-05 02:08:11 -04:00
|
|
|
# when enabled the following headers will be added to every response:
|
|
|
|
# (note, if measurements do not exist for the header they will be omitted)
|
|
|
|
#
|
|
|
|
# X-Redis-Calls: 10
|
|
|
|
# X-Redis-Time: 1.02
|
|
|
|
# X-Sql-Calls: 102
|
|
|
|
# X-Sql-Time: 1.02
|
|
|
|
# X-Queue-Time: 1.01
|
|
|
|
enable_performance_http_headers = false
|
|
|
|
|
2019-08-19 21:29:11 -04:00
|
|
|
# gather JavaScript errors from clients (rate limited to 1 error per IP per minute)
|
|
|
|
enable_js_error_reporting = true
|
|
|
|
|
2019-08-29 01:34:36 -04:00
|
|
|
# This is probably not a number you want to touch, it controls the number of workers
|
|
|
|
# we allow mini scheduler to run. Prior to 2019 we ran a single worker.
|
|
|
|
# On extremely busy setups this could lead to situations where regular jobs would
|
|
|
|
# starve. Specifically jobs such as "run heartbeat" which keeps sidekiq running.
|
|
|
|
# Having a high number here is very low risk. Regular jobs are limited in scope and scale.
|
|
|
|
mini_scheduler_workers = 5
|
|
|
|
|
2019-09-04 03:18:32 -04:00
|
|
|
# enable compression on anonymous cache redis entries
|
|
|
|
# this slightly increases the cost of storing cache entries but can make it much
|
|
|
|
# cheaper to retrieve cache entries when redis is stores on a different machine to the one
|
|
|
|
# running the web
|
|
|
|
compress_anon_cache = false
|
|
|
|
|
|
|
|
# Only store entries in redis for anonymous cache if they are observed more than N times
|
|
|
|
# for a specific key
|
|
|
|
#
|
|
|
|
# This ensures there are no pathological cases where we keep storing data in anonymous cache
|
|
|
|
# never to use it, set to 1 to store immediately, set to 0 to disable anon cache
|
|
|
|
anon_cache_store_threshold = 2
|
2020-06-02 23:19:42 -04:00
|
|
|
|
|
|
|
# EXPERIMENTAL - not yet supported in production
|
|
|
|
# by default admins can install and amend any theme
|
|
|
|
# you may restrict it so only specific themes are approved
|
2020-07-26 20:23:54 -04:00
|
|
|
# in allowlist mode all theme updates must happen via git repos
|
2020-06-02 23:19:42 -04:00
|
|
|
# themes missing from the list are automatically disallowed
|
|
|
|
# list is a comma seperated list of git repos eg:
|
|
|
|
# https://github.com/discourse/discourse-custom-header-links.git,https://github.com/discourse/discourse-simple-theme.git
|
2020-07-26 20:23:54 -04:00
|
|
|
allowed_theme_repos =
|
2020-07-24 03:09:29 -04:00
|
|
|
|
|
|
|
# Demon::EmailSync is used in conjunction with the enable_imap site setting
|
|
|
|
# to sync N IMAP mailboxes with specific groups. It is a process started in
|
|
|
|
# unicorn.conf, and it spawns N threads (one for each multisite connection) and
|
|
|
|
# for each database spans another N threads (one for each configured group).
|
|
|
|
#
|
|
|
|
# We want this off by default so the process is not started when it does not
|
|
|
|
# need to be (e.g. development, test, certain hosting tiers)
|
|
|
|
enable_email_sync_demon = false
|
2020-10-07 02:30:15 -04:00
|
|
|
|
|
|
|
# we never want to queue more than 10000 digests per 30 minute block
|
|
|
|
# this can easily lead to blocking sidekiq
|
|
|
|
# on multisites we recommend a far lower number
|
|
|
|
max_digests_enqueued_per_30_mins_per_site = 10000
|