# Example XO-Server configuration. # # This file is automatically looking for at the following places: # - `$HOME/.config/xo-server/config.toml` # - `/etc/xo-server/config.toml` # # The first entries have priority. # # Note: paths are relative to the configuration file. #===================================================================== # HTTP proxy configuration used by xo-server to fetch resources on the Internet. # # See: https://github.com/TooTallNate/node-proxy-agent#maps-proxy-protocols-to-httpagent-implementations # httpProxy = 'http://jsmith:qwerty@proxy.lan:3128' # List of host names (optionally with a port), separated by commas, for which # the proxy above will not be used. # # noProxy = 'example.net, example.com:443' #===================================================================== # It may be necessary to run XO-Server as a privileged user (e.g. `root`) for # instance to allow the HTTP server to listen on a # [privileged ports](http://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). # # To avoid security issues, XO-Server can drop its privileges by changing the # user and the group is running with. # # Note: XO-Server will change them just after reading the configuration. # User to run XO-Server as. # # Note: The user can be specified using either its name or its numeric # identifier. # # Default: undefined #user = 'nobody' # Group to run XO-Server as. # # Note: The group can be specified using either its name or its numeric # identifier. # # Default: undefined # group = 'nogroup' #===================================================================== # Directory containing the database of XO. # Currently used for logs. # # Default: '/var/lib/xo-server/data' #datadir = '/var/lib/xo-server/data' #===================================================================== # Configuration of the embedded HTTP server. [http] # If set to true, all HTTP traffic will be redirected to the first HTTPs # configuration. # redirectToHttps = true # Public URL to connect to this XO # # This optional entry is used to communicate to external entities (e.g. XO Lite) # how to connect to this XO. # # It SHOULD be defined in case the IP address of the current machine is not # good enough (e.g. a domain name must be used or there is a reverse proxy). #publicUrl = 'https://xoa.company.lan' # Settings applied to cookies created by xo-server's embedded HTTP server. # # See https://www.npmjs.com/package/cookie#options-1 [http.cookies] #sameSite = true #secure = true # Basic HTTP. [[http.listen]] # Address on which the server is listening on. # # Sets it to 'localhost' for IP to listen only on the local host. # # Default: all IPv6 addresses if available, otherwise all IPv4 addresses. # hostname = 'localhost' # Port on which the server is listening on. # # Default: undefined port = 80 # Instead of `host` and `port` a path to a UNIX socket may be specified # (overrides `host` and `port`). # # Default: undefined # socket = './http.sock' # # Basic HTTPS. # # # # You can find the list of possible options there # # https://nodejs.org/docs/latest/api/tls.html#tls.createServer # # # # The only difference is the presence of the certificate and the key. # [[http.listen]] # #hostname = '127.0.0.1' # port = 443 # # # Whether to autogenerate a self signed certificate if the `cert` or `key` # # files could not be found. # # # # Default: true # autoCert = false # # # File containing the certificate (PEM format). # # # # If a chain of certificates authorities is needed, you may bundle them # # directly in the certificate. # # # # Note: the order of certificates does matter, your certificate should come # # first followed by the certificate of the above # # certificate authority up to the root. # # # # Default: undefined # cert = './certificate.pem' # # # File containing the private key (PEM format). # # # # If the key is encrypted, the passphrase will be asked at # # server startup. # # # # Default: undefined # key = './key.pem' # List of files/directories which will be served. [http.mounts] #'/any/url' = '/path/to/directory' # List of proxied URLs (HTTP & WebSockets). [http.proxies] #'/any/url' = 'http://localhost:54722' #===================================================================== # Uncomment this section to export the logs to an external syslog #[logs.transport.syslog] #target = 'tcp://syslog.company.lan:514' #===================================================================== # Connection to the Redis server. [redis] # Unix sockets can be used # # Default: undefined #socket = '/var/run/redis/redis.sock' # Syntax: redis://[db[:password]@]hostname[:port][/db-number] # # Default: redis://localhost:6379/0 #uri = 'redis://redis.company.lan/42' # List of aliased commands. # # See http://redis.io/topics/security#disabling-of-specific-commands #renameCommands: # del = '3dda29ad-3015-44f9-b13b-fa570de92489' # srem = '3fd758c9-5610-4e9d-a058-dbf4cb6d8bf0' #===================================================================== # Configuration for remotes [remoteOptions] # Directory used to mount remotes # # Default: '/run/xo-server/mounts' #mountsDir = '/run/xo-server/mounts' # Use sudo for mount with non-root user # # Default: false #useSudo = false #===================================================================== # Configuration for plugins [plugins] # Each configuration is passed to the dedicated plugin instance # # Syntax: [plugins.<pluginName>]