41 lines
1.3 KiB
JSON
41 lines
1.3 KiB
JSON
// Vendor config: DO NOT TOUCH!
|
|
//
|
|
// See sample.config.yaml to override.
|
|
{
|
|
"http": {
|
|
"listen": [
|
|
{
|
|
"port": 80
|
|
}
|
|
],
|
|
"mounts": {},
|
|
|
|
// Ciphers to use.
|
|
//
|
|
// These are the default ciphers in Node 4.2.6, we are setting
|
|
// them explicitly for older Node versions.
|
|
"ciphers": "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA256:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!SRP:!CAMELLIA",
|
|
|
|
// Tell Node to respect the cipher order.
|
|
"honorCipherOrder": true,
|
|
|
|
// Specify to use at least TLSv1.1.
|
|
// See: https://github.com/certsimple/minimum-tls-version
|
|
"secureOptions": 117440512
|
|
},
|
|
"datadir": "/var/lib/xo-server/data",
|
|
|
|
// Should users be created on first sign in?
|
|
//
|
|
// Necessary for external authentication providers.
|
|
"createUserOnFirstSignin": true,
|
|
|
|
// Whether API logs should contains the full request/response on
|
|
// errors.
|
|
//
|
|
// This is disabled by default for performance (lots of data) and
|
|
// security concerns (avoiding sensitive data in the logs) but can
|
|
// be turned for investigation by the administrator.
|
|
"verboseApiLogsOnErrors": false
|
|
}
|