# smr configuration

server tls {
	bind 0.0.0.0 <{get port}>

}

seccomp_tracing yes
load		./smr.so
root            <{get kore_chroot}>

runas           <{get chuser }>

keymgr_runas    <{get chuser }>

keymgr_root     .
workers         1

http_body_max 8388608

tls_dhparam	dh2048.pem

validator v_any regex [\s\S]*
validator v_storyid regex [a-zA-Z0-9$+!*'(),-]+
validator v_subdomain regex [a-z0-9]{1,30}
validator v_markup regex (plain|imageboard)
validator v_bool regex (0|1)
validator v_checkbox regex (|on)
validator v_hex_128 regex [0-9a-f]{128}
validator v_time regex [0-9]+

domain * {
	attach tls

	certfile	cert/server.pem
	certkey		cert/key.pem

	#I run kore behind a lighttpd reverse proxy, so this is a bit useless to me
	accesslog 	/dev/null

	route  /        home
	route  /_css/style.css asset_serve_style_css
	route  /_css/milligram.css asset_serve_milligram_css
	route  /_css/milligram.min.css.map asset_serve_milligram_min_css_map
	route  /_faq asset_serve_faq_html
	route  /favicon.ico asset_serve_favicon_ico
	route  /_paste  post_story
	route  /_edit   edit_story
	route  /_bio    edit_bio
	route  /_login  login
	route  /_logout logout
	route  ^/_claim  claim
	route  /_download download
	route  /_preview preview
	route  /_search search
	route  /_archive archive
	# Leading ^ is needed for dynamic routes, kore says the route is dynamic if it does not start with '/'
	route  ^/[^_].*  read_story

	params get /_edit {
		validate story v_storyid
	}
	params get /_download {
		validate story v_storyid
		validate pwd v_hex_128
	}
	params post /_edit {
		validate title v_any
		validate story v_storyid
		validate text v_any
		validate pasteas v_subdomain
		validate markup v_markup
		validate tags v_any
		validate unlisted v_checkbox
	}
	params post /_paste {
		validate title v_any
		validate text v_any
		validate pasteas v_subdomain
		validate markup v_markup
		validate tags v_any
		validate unlisted v_checkbox
	}
	params post /_preview {
		validate title v_any
		validate text v_any
		validate pasteas v_subdomain
		validate markup v_markup
		validate tags v_any
		validate unlisted v_checkbox
	}
	params get /_search {
		validate q v_any
	}
	params get /_archive {
		validate t v_time
	}
	params get ^/[^_].* {
		validate comments v_bool
		validate pwd v_hex_128
	}
	params post ^/[^_].* {
		validate text v_any
		validate postas v_subdomain
		validate pwd v_hex_128
	}
	params post /_login {
		validate user v_subdomain
		validate pass v_any
	}
	params post ^/_claim {
		validate user v_subdomain
	}

}