summaryrefslogtreecommitdiff
path: root/config/defaults.yml
blob: ca5107fac06435a52f0efc519a11f2fa65b6e6ac (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
dev_ca: &dev_ca
  client_ca_key: "./test/files/ca.key"
  client_ca_cert: "./test/files/ca.crt"
  ca_key_password: nil

cert_options: &cert_options
  client_cert_lifespan: "2 months"
  client_cert_bit_size: 2024
  client_cert_hash: "SHA256"
  allow_limited_certs: false
  allow_unlimited_certs: true
  allow_anonymous_certs: false
  limited_cert_prefix: "LIMITED"
  unlimited_cert_prefix: "UNLIMITED"

downloads: &downloads
  client_download_domain: https://dl.bitmask.net
  available_clients:
    - linux
    - osx
    - windows
    - android
  download_paths:
    android: /android/
    linux:   /linux/
    osx:     /mac/
    windows: /windows/
    other:   /

common: &common
  force_ssl: false
  pagination_size: 30
  auth:
    token_expires_after: 60
  # handles that will be blocked from being used as logins or email aliases
  # in addition to the ones in /etc/passwd and http://tools.ietf.org/html/rfc2142
  handle_blacklist:
    - certmaster
    - ssladmin
    - arin-admin
    - administrator
    - www-data
    - maildrop
    - postmaster
    - admin
    - contact
    - info
    - noreply
    - robot
    - helpdesk
    - help
    - tickets
    - owner
  # handles that will be allowed despite being in /etc/passwd or rfc2142
  handle_whitelist: []
  # actions enabled in the account settings
  # see /users/app/views/users/_edit.html.haml for a list.
  user_actions: ['contact_email', 'destroy_account']
  admin_actions: ['contact_email', 'change_pgp_key', 'change_service_level', 'destroy_account']
  billing: ~
  default_locale: :en
  available_locales:
    - :en
  minimum_client_version: "0.5"
  engines:
    - support
    - billing
  allow_registration: true
  config_file_paths:
    soledad-service: 'public/1/config/soledad-service.json'
    eip-service: 'public/1/config/eip-service.json'
    smtp-service: 'public/1/config/smtp-service.json'
  mailer:
    from_address: 'noreply'

service_levels: &service_levels
  service_levels:
    1:
      name: free
      description: "free account, with rate limited VPN"
      eip_rate_limit: true
      storage: 100
      services:
        - eip
    2:
      name: premium
      description: "premium account, with unlimited vpn"
      rate:
        USD: 10
        EUR: 10
      services:
        - eip
        - email
  default_service_level: 1

development:
  <<: *downloads
  <<: *dev_ca
  <<: *cert_options
  <<: *common
  <<: *service_levels
  admins: [blue, red, staff]
  domain: example.org
  secret_token: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
  reraise_errors: true

test:
  <<: *downloads
  <<: *dev_ca
  <<: *cert_options
  <<: *common
  <<: *service_levels
  admins: [admin, admin2]
  domain: test.me
  secret_token: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
  reraise_errors: true
  billing: {}
  default_locale: :en
  available_locales:
    - :en
    - :de

production:
  <<: *downloads
  <<: *cert_options
  <<: *common
  admins: []
  domain: example.net
  engines:
    - support
  # logfile: /path/to/your/logs