blob: 84ee4c9d6d4c41d878d2e69fb940c6ace9e6a053 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
|
dev_ca: &dev_ca
client_ca_key: "./test/files/ca.key"
client_ca_cert: "./test/files/ca.crt"
ca_key_password: nil
cert_options: &cert_options
client_cert_lifespan: "2 months"
client_cert_bit_size: 2024
client_cert_hash: "SHA256"
allow_limited_certs: false
allow_unlimited_certs: true
allow_anonymous_certs: false
limited_cert_prefix: "LIMITED"
unlimited_cert_prefix: "UNLIMITED"
downloads: &downloads
client_download_domain: https://dl.bitmask.net
available_clients:
- linux
- osx
- windows
- android
download_paths:
android: /android/
linux: /linux/
osx: /mac/
windows: /windows/
other: /
common: &common
force_ssl: false
pagination_size: 30
auth:
token_expires_after: 60
# handles that will be blocked from being used as logins or email aliases
# in addition to the ones in /etc/passwd and http://tools.ietf.org/html/rfc2142
handle_blacklist:
- certmaster
- ssladmin
- arin-admin
- administrator
- www-data
- maildrop
- postmaster
- admin
- contact
- info
- noreply
- robot
- helpdesk
- help
- tickets
- owner
# handles that will be allowed despite being in /etc/passwd or rfc2142
handle_whitelist: []
# actions enabled in the account settings
# see /users/app/views/users/_edit.html.haml for a list.
user_actions: ['contact_email', 'destroy_account']
admin_actions: ['contact_email', 'change_pgp_key', 'change_service_level', 'destroy_account']
billing: ~
default_locale: :en
available_locales:
- :cs
- :de
- :el
- :en
- :es
- :fi
- :fr
- :hu
- :it
- :lt
- :nb
- :nl
- :pl
- :pt
- :ru
- :tr
- :zh
minimum_client_version: "0.5"
engines:
- support
- billing
allow_registration: true
invite_required: false
config_file_paths:
soledad-service: 'public/1/config/soledad-service.json'
eip-service: 'public/1/config/eip-service.json'
smtp-service: 'public/1/config/smtp-service.json'
mailer:
from_address: 'noreply'
service_levels: &service_levels
service_levels:
1:
name: free
description: "free account, with rate limited VPN"
eip_rate_limit: true
storage: 100
services:
- eip
2:
name: premium
description: "premium account, with unlimited vpn"
rate:
USD: 10
EUR: 10
services:
- eip
- email
default_service_level: 1
development:
<<: *downloads
<<: *dev_ca
<<: *cert_options
<<: *common
<<: *service_levels
admins: [blue, red, staff]
api_tokens:
test: nil
admin: nil
domain: example.org
secret_token: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
reraise_errors: true
test:
<<: *downloads
<<: *dev_ca
<<: *cert_options
<<: *common
<<: *service_levels
admins: [admin, admin2]
api_tokens:
test: "212da28a59dcaca487365309dc93aa09"
admin: nil
domain: test.me
secret_token: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
reraise_errors: true
billing: {}
default_locale: :en
available_locales:
- :en
- :de
production:
<<: *downloads
<<: *cert_options
<<: *common
admins: []
api_tokens:
test: nil
admin: nil
domain: example.net
engines:
- support
# logfile: /path/to/your/logs
|