2e07e77573
- the default state for the login page's 'remember me' checkbox can now be configured - adapted the default and vintage theme to consider the new setting - added documentation for the new setting
7.2 KiB
7.2 KiB
Foreword
Do not edit configuration options in index.php! Your changes would be lost.
Once your Shaarli instance is installed, the file data/config.json.php
is generated:
- it contains all settings in JSON format, and can be edited to customize values
- it defines which plugins are enabled
- its values override those defined in
index.php
- it is wrap in a PHP comment to prevent anyone accessing it, regardless of server configuration
File and directory permissions
The server process running Shaarli must have:
read
access to the following resources:- PHP scripts:
index.php
,application/*.php
,plugins/*.php
- 3rd party PHP and Javascript libraries:
inc/*.php
,inc/*.js
- static assets:
- CSS stylesheets:
inc/*.css
images/*
- CSS stylesheets:
- RainTPL templates:
tpl/*.html
- PHP scripts:
read
,write
andexecution
access to the following directories:cache
- thumbnail cachedata
- link data store, configuration optionspagecache
- Atom/RSS feed cachetmp
- RainTPL page cache
On a Linux distribution:
- the web server user will likely be
www
orhttp
(for Apache2) - it will be a member of a group of the same name:
www:www
,http:http
- to give it access to Shaarli, either:
- unzip Shaarli in the default web server location (usually
/var/www/
) and set the web server user as the owner - put users in the same group as the web server, and set the appropriate access rights
- unzip Shaarli in the default web server location (usually
- if you have a domain / subdomain to serve Shaarli, configure the server accordingly
Configuration
In data/config.json.php
.
See also Plugin System.
Credentials
These settings should not be edited
- login: Login username.
- hash: Generated password hash.
- salt: Password salt.
General
- title: Shaarli's instance title.
- header_link: Link to the homepage.
- links_per_page: Number of shaares displayed per page.
- timezone: See the list of supported timezones.
- enabled_plugins: List of enabled plugins.
Security
- session_protection_disabled: Disable session cookie hijacking protection (not recommended). It might be useful if your IP adress often changes.
- ban_after: Failed login attempts before being IP banned.
- ban_duration: IP ban duration in seconds.
- open_shaarli: Anyone can add a new link while logged out if enabled.
- trusted_proxies: List of trusted IP which won't be banned after failed login attemps. Useful if Shaarli is behind a reverse proxy.
- allowed_protocols: List of allowed protocols in shaare URLs or markdown-rendered descriptions. Useful if you want to store
javascript:
links (bookmarklets) in Shaarli (default:["ftp", "ftps", "magnet"]
).
Resources
- data_dir: Data directory.
- datastore: Shaarli's links database file path.
- history: Shaarli's operation history file path.
- updates: File path for the ran updates file.
- log: Log file path.
- update_check: Last update check file path.
- raintpl_tpl: Templates directory.
- raintpl_tmp: Template engine cache directory.
- thumbnails_cache: Thumbnails cache directory.
- page_cache: Shaarli's internal cache directory.
- ban_file: Banned IP file path.
Updates
- check_updates: Enable or disable update check to the git repository.
- check_updates_branch: Git branch used to check updates (e.g.
stable
ormaster
). - check_updates_interval: Look for new version every N seconds (default: every day).
Privacy
- default_private_links: Check the private checkbox by default for every new link.
- hide_public_links: All links are hidden while logged out.
- hide_timestamps: Timestamps are hidden.
- remember_user_default: Default state of the login page's remember me checkbox
true
: checked by default,false
: unchecked by default
Feed
- rss_permalinks: Enable this to redirect RSS links to Shaarli's permalinks instead of shaared URL.
- show_atom: Display ATOM feed button.
Thumbnail
- enable_thumbnails: Enable or disable thumbnail display.
- enable_localcache: Enable or disable local cache.
Redirector
- url: Redirector URL, such as
anonym.to
. - encode_url: Enable this if the redirector needs encoded URL to work properly.
Configuration file example
<?php /*
{
"credentials": {
"login": "<login>",
"hash": "<password hash>",
"salt": "<password salt>"
},
"security": {
"ban_after": 4,
"session_protection_disabled": false,
"ban_duration": 1800,
"trusted_proxies": [
"1.2.3.4",
"5.6.7.8"
],
"allowed_protocols": [
"ftp",
"ftps",
"magnet"
]
},
"resources": {
"data_dir": "data",
"config": "data\/config.php",
"datastore": "data\/datastore.php",
"ban_file": "data\/ipbans.php",
"updates": "data\/updates.txt",
"log": "data\/log.txt",
"update_check": "data\/lastupdatecheck.txt",
"raintpl_tmp": "tmp\/",
"raintpl_tpl": "tpl\/",
"thumbnails_cache": "cache",
"page_cache": "pagecache"
},
"general": {
"check_updates": true,
"rss_permalinks": true,
"links_per_page": 20,
"default_private_links": true,
"enable_thumbnails": true,
"enable_localcache": true,
"check_updates_branch": "stable",
"check_updates_interval": 86400,
"enabled_plugins": [
"markdown",
"wallabag",
"archiveorg"
],
"timezone": "Europe\/Paris",
"title": "My Shaarli",
"header_link": "?"
},
"extras": {
"show_atom": false,
"hide_public_links": false,
"hide_timestamps": false,
"open_shaarli": false,
"redirector": "http://anonym.to/?",
"redirector_encode_url": false
},
"general": {
"header_link": "?",
"links_per_page": 20,
"enabled_plugins": [
"markdown",
"wallabag"
],
"timezone": "Europe\/Paris",
"title": "My Shaarli"
},
"updates": {
"check_updates": true,
"check_updates_branch": "stable",
"check_updates_interval": 86400
},
"feed": {
"rss_permalinks": true,
"show_atom": false
},
"privacy": {
"default_private_links": true,
"hide_public_links": false,
"hide_timestamps": false,
"remember_user_default": true
},
"thumbnail": {
"enable_thumbnails": true,
"enable_localcache": true
},
"redirector": {
"url": "http://anonym.to/?",
"encode_url": false
},
"plugins": {
"WALLABAG_URL": "http://demo.wallabag.org",
"WALLABAG_VERSION": "1"
}
} ?>
Additional configuration
The playvideos
plugin may require that you adapt your server's
Content Security Policy
configuration to work properly.