smr/conf/smr.conf.in

122 lines
2.7 KiB
Plaintext

# smr configuration
server tls {
bind 0.0.0.0 <{get port}>
}
seccomp_tracing yes
load ./smr.so
root <{get kore_chroot}>
runas <{get chuser }>
keymgr_runas <{get chuser }>
keymgr_root .
workers 1
http_body_max 8388608
tls_dhparam dh2048.pem
validator v_any regex [\s\S]*
validator v_storyid regex [a-zA-Z0-9$+!*'(),-]+
validator v_subdomain regex [a-z0-9]{1,30}
validator v_markup regex (plain|imageboard)
validator v_bool regex (0|1)
validator v_checkbox regex (|on)
validator v_hex_128 regex [0-9a-f]{128}
validator v_time regex [0-9]+
domain * {
attach tls
certfile cert/server.pem
certkey cert/key.pem
#I run kore behind a lighttpd reverse proxy, so this is a bit useless to me
accesslog /dev/null
route / home
route /_css/style.css asset_serve_style_css
route /_css/suggest_tags.css asset_serve_suggest_tags_css
route /_css/milligram.css asset_serve_milligram_css
route /_css/milligram.min.css.map asset_serve_milligram_min_css_map
route /_faq asset_serve_faq_html
route /_js/suggest_tags.js asset_serve_suggest_tags_js
route /favicon.ico asset_serve_favicon_ico
route /_paste post_story
route /_edit edit_story
route /_bio edit_bio
route /_login login
route /_logout logout
route ^/_claim claim
route /_download download
route /_preview preview
route /_search search
route /_archive archive
route /_api api
# Leading ^ is needed for dynamic routes, kore says the route is dynamic if it does not start with '/'
route ^/[^_].* read_story
params get /_edit {
validate story v_storyid
}
params get /_download {
validate story v_storyid
validate pwd v_hex_128
}
params post /_edit {
validate title v_any
validate story v_storyid
validate text v_any
validate pasteas v_subdomain
validate markup v_markup
validate tags v_any
validate unlisted v_checkbox
}
params post /_paste {
validate title v_any
validate text v_any
validate pasteas v_subdomain
validate markup v_markup
validate tags v_any
validate unlisted v_checkbox
}
params post /_preview {
validate title v_any
validate text v_any
validate pasteas v_subdomain
validate markup v_markup
validate tags v_any
validate unlisted v_checkbox
}
params get /_search {
validate q v_any
}
params get /_archive {
validate t v_time
}
params get ^/[^_].* {
validate comments v_bool
validate pwd v_hex_128
}
params post ^/[^_].* {
validate text v_any
validate postas v_subdomain
validate pwd v_hex_128
}
params post /_login {
validate user v_subdomain
validate pass v_any
}
params post ^/_claim {
validate user v_subdomain
}
params get /_api {
validate call v_any
validate data v_any
}
}