2 #--------------------------
3 # Indico configuration file
4 #--------------------------
6 # This file is read on Apache startup. If you change any value you will need to
7 # restart Apache afterwards to have its changes take effect.
9 # Lines starting with "#" are comments and they will be ignored by Indico.
11 #------------------------------------------------------------------------------
13 #------------------------------------------------------------------------------
15 DBConnectionParams = ("localhost", 9675)
20 #------------------------------------------------------------------------------
22 #------------------------------------------------------------------------------
24 SQLAlchemyDatabaseURI = 'postgresql://localhost/indico'
26 # Uncomment to echo requests
27 # SQLAlchemyEcho = True
29 # Uncomment if you wish to record queries
30 # SQLAlchemyRecordQueries = True
32 # Size of the connection pool (default = 5)
33 # SQLAlchemyPoolSize = 5
36 # SQLAlchemyPoolTimeout = 10
38 # Number of seconds after which a connection is automatically
39 # recycled (default = 120)
40 # SQLAlchemyPoolRecycle = 120
42 # Number of connections that can be breated after pool is at maximum
44 # SQLAlchemyMaxOverflow = 3
46 #------------------------------------------------------------------------------
48 #------------------------------------------------------------------------------
50 # To enable redis, specify a valid redis connection string here.
51 # Example: redis://unused:password@localhost:6379/0
52 # You also need to install the python redis client (pip install redis hiredis)
53 # Note that the Redis server needs to run at least Redis 2.6 with LUA support.
54 #RedisConnectionURL = None
56 #------------------------------------------------------------------------------
58 #------------------------------------------------------------------------------
59 # Possible values of SanitizationLevel:
60 # 0: Escape all HTML tags
61 # 1: Raise error if styles are used
62 # 2: Raise error if SCRIPT tag is used
63 # 3: No input filtering is done (DANGEROUS!)
67 # AuthenticatedEnforceSecure controls whether HTTPS should be enforced for
68 # authentication and while logged in.
69 AuthenticatedEnforceSecure = "yes"
71 # Possible values of CSRFLevel:
72 # 0: Disable all CSRF checks (DANGEROUS!)
73 # 1: Check CSRF token for service requests
74 # 2: Check CSRF token for service requests and cookie-based API requests
75 # 3: The above & require an empty or valid referer for normal POST requests
78 # To sign data such as activation tokens used in emails, Indico needs a secret
79 # key. It should be a random string; the preferred way to generate it is using
80 # `import os; os.urandom(32)` in a Python shell.
83 #------------------------------------------------------------------------------
85 #------------------------------------------------------------------------------
86 # Enable debug mode to get unminified assets, verbose error messages in the
87 # browser and various other things that are useful when developing indico or
88 # tracking down errors but should not be enabled for production systems.
91 # You can force a certain number of (simulated) database conflicts on every
92 # by setting ForceConflicts to the number of conflict errors you want:
95 # You can cause all error-like exceptions (i.e. not something like AccessError)
96 # to be propagated outside the Indico WSGI app by enabling this option. This has
97 # the advantage of triggering the Werkzeug debugger of the embedded server even
98 # in case of e.g. a MaKaCError.
99 #PropagateAllExceptions = False
101 #------------------------------------------------------------------------------
103 #------------------------------------------------------------------------------
104 # BaseURL is the url where Indico will be accessed:
106 BaseURL = "http://localhost:8000"
108 # BaseSecureURL is the HTTPS location of Indico. Set empty string if you want to use http.
110 BaseSecureURL = "https://localhost:8443"
113 # If you are using a custom user authentication system (see below) uncomment
114 # the following lines and specify the new URLs.
117 # RegistrationURL = ""
119 # Support the old mod_python-style URLs (conferenceDisplay.py?confId=123 etc.) by redirecting
120 # them to their new URL.
121 #RouteOldUrls = False
124 #------------------------------------------------------------------------------
126 #------------------------------------------------------------------------------
127 ArchiveDir = "/opt/indico/archive"
128 BinDir = "/opt/indico/bin"
129 ConfigurationDir = "/opt/indico/etc"
130 DocumentationDir = "/opt/indico/doc"
131 HtdocsDir = "/opt/indico/htdocs"
132 LogDir = "/opt/indico/log"
133 UploadedFilesTempDir = "/opt/indico/tmp"
134 XMLCacheDir = "/opt/indico/cache"
135 # You can use 'redis', 'memcached' or 'files'. The files backend caches objects in
136 # XMLCacheDir while the Memcached backend uses one or more memcached servers.
137 #CacheBackend = 'files'
138 # When using memcached, provide a tuple containing 'ip:port' entries for the
139 # memcached servers. Do not forget to firewall those servers as memcached has no
140 # authentication at all!
141 #MemcachedServers = ('127.0.0.1:11211',)
142 # When using redis, provide a redis connection string for the Redis server.
143 #RedisCacheURL = 'redis://unused:password@localhost:6379/1'
145 #------------------------------------------------------------------------------
147 #------------------------------------------------------------------------------
148 SmtpServer = ("localhost", 8025)
152 # If your SMTP server is using TLS write "yes", otherwise write "no"
156 #------------------------------------------------------------------------------
158 #------------------------------------------------------------------------------
159 # SupportEmail is the email address where all automatically generated
160 # application errors will be sent to.
162 SupportEmail = "root@localhost"
165 # PublicSupportEmail is an email address that will be shown in Indico and where
166 # users are expected to find help when they have using the website.
168 PublicSupportEmail = "root@localhost"
170 # NoReplyEmail is the email address showed when we do not want the users to answer
171 # an automatically generated email.
173 NoReplyEmail = "noreply-root@localhost"
176 #------------------------------------------------------------------------------
178 #------------------------------------------------------------------------------
179 # Here you can limit the maximum size of all the uploaded files (in MB) in a
180 # request. This is a hard limit that is enforced on the server side.
181 # default: 0 (unlimited)
183 MaxUploadFilesTotalSize = 0
185 # Here you can limit the maximum size of an uploaded file (in MB)
186 # default: 0 (unlimited)
187 # Please note that this limit is only enforced on the client side!
188 # For a hard limit see MaxUploadFilesTotalSize
190 MaxUploadFileSize = 0
193 #------------------------------------------------------------------------------
194 # AUTOMATIC MAINTENANCE
195 #------------------------------------------------------------------------------
196 # Indico can automatically delete events older than a specified number of days.
197 # This is set on a per-category basis:
199 # CategoryCleanup = {
200 # '2': 30 # delete events in category '2' that have been created more than 30 days ago
203 # If you want maintenance operations to be logged under a user other than the
204 # the server administrator (id 0), you can customize it here:
208 #------------------------------------------------------------------------------
209 # STATIC FILE DELIVERY
210 #------------------------------------------------------------------------------
211 # Indico supports the use of the X-Sendfile and X-Accel-Redirect headers:
213 # http://blog.lighttpd.net/articles/2006/07/02/x-sendfile
214 # http://wiki.nginx.org/X-accel
216 # If your webserver supports this feature and you want to activate it,
217 # you should enable it here
219 # X-Sendfile (apache with mod_xsendfile, lighttpd):
220 # StaticFileMethod = 'xsendfile'
222 # X-Accel-Redirect (nginx):
223 # StaticFileMethod = ('xaccelredirect', {
224 # '/opt/indico/archive': '/.xsf/archive',
225 # '/opt/indico/cache': '/.xsf/cache',
226 # '/opt/indico/htdocs': '/.xsf/htdocs'
228 # Because of the way nginx works (using URLs instead of paths) you also need to map the .xsf urls to
229 # the paths in your nginx config (for each entry in the dict above):
230 # location /.xsf/archive/ {
232 # alias /opt/indico/archive/;
234 # DO NOT forget the "internal;" statement - it prevents users from accessing those URLs directly.
236 #StaticFileMethod = None
239 # Sessions are only stored for a certain time. You can modify the duration here. By setting
240 # the lifetime to 0 the cookie will expire when the browser is closed.
241 #SessionLifetime = 86400 * 31
243 # If indico is behind a proxy, the user's IP needs to be retrieved from the
244 # HTTP_X_FORWARDED_FOR header. To enable this behavior, set UseProxy to True.
245 # Note that this MUST NOT be enabled if the machine is accessible directly or
246 # users will be able to spoof their IP address!
250 #------------------------------------------------------------------------------
252 #------------------------------------------------------------------------------
253 # Indico lets you log error messages using two methods:
255 # * Simple log files (default)
256 # * Sentry (https://github.com/getsentry/sentry)
258 # Loggers = ['sentry', 'files']
259 # SentryDSN = 'http://user:password@logger.example.com/n'
260 # SentryLoggingLevel = 'ERROR' # default: 'WARNING'
263 #------------------------------------------------------------------------------
264 # OFFLINE WEBSITE PACKAGES CREATION
265 #------------------------------------------------------------------------------
266 # Indico allows users to download their event so they can run it offline.
268 # The OfflineStore variable points to a directory that Indico will use to store
269 # the offline website packages.
271 # If the OfflineStore variable is not set, the functionality will be disabled.
273 # OfflineStore = "/opt/indico/archive"
276 #------------------------------------------------------------------------------
277 # LATEX/PDF GENERATION
278 #------------------------------------------------------------------------------
279 # Set the path to pdflatex if it's not within PATH:
280 # PDFLatexProgram = 'pdflatex'
282 # In strict mode, a non-zero status code is considered failure. Disable this if
283 # you have old contributions that contain invalid LaTeX and you prefer possibly
284 # weird-looking PDFs over an error and no PDF at all.
287 #------------------------------------------------------------------------------
289 #------------------------------------------------------------------------------
291 # If you have an installation of the mobile version of Indico, you can enable the
292 # notification that encourages its usage when the user accesses the Desktop Indico
293 # from a mobile device. One only needs to add the URL of Indico mobile here:
294 # MobileURL = "http://m.indico.your.domain"
296 #------------------------------------------------------------------------------
298 #------------------------------------------------------------------------------
300 # List of plugins to be loaded on server start.
302 # Plugins = {'example'}
304 #------------------------------------------------------------------------------
306 #------------------------------------------------------------------------------
307 # If you do not need integration with an existing authentication infrastructure
308 # such as LDAP, OAuth or a SSO system like Shibboleth, you do not have to set
309 # anything here. Having local identities enabled is sufficient:
310 # LocalIdentities = True
312 # When `LocalIdentities` is set to False, a link to an external registration
313 # page can be configured here:
314 # ExternalRegistrationURL = ''
316 # For advanced authentication and user information retrieval, Indico uses the
317 # Flask-Multipass library, so you can use any registered multipass auth/identity
318 # provider in Indico. Using such providers requires additional configuration.
319 # Please note that the name of an identity provider MUST NOT be changed once
320 # it has been used, as it is referenced internally. Changing the title is fine
323 # For documentation on the providers and their config options see the
324 # documentation of multipass on the following site:
325 # https://flask-multipass.readthedocs.org/en/latest/
327 # In addition to the settings handled by multipass, you may use the following
332 # This must be set to `True` for exactly one form-based authentication
333 # provide in case you have more than one form-based provider. If omitted,
334 # the default login form will be for local indico accounts (if enabled).
336 # Identity providers:
337 # - `default_group_provider`
338 # If you have any identity providers which provide groups, it is highly
339 # recommended to enable this for exactly one of these providers. This
340 # is extremely important if you migrated an old database and have ACLs
341 # which don't contain provider references yet.
343 # If all emails received from the provider are trustworthy, i.e. it is
344 # guaranteed that the emails actually belong to the user. This should
345 # be enabled e.g. for corporate SSO systems so people do not have to go
346 # through an email verification step the first time they login/signup.
348 # This may be set in no more than one identity provider and enables user
349 # data synchronization. Its value should be a set of user attributes that
350 # can be synchronized. The following attributes are supported:
351 # 'first_name', 'last_name', 'affiliation', 'phone', 'address'
353 # Indico uses the following identity info keys from multipass, so you need
354 # to configure the mappings in your identity providers accordingly:
355 # 'first_name', 'last_name', 'email', 'affiliation', 'phone', 'address'
356 # All keys are optional, so if a provider does not contain data for a field,
357 # you can override `identity_info_keys` and only specify the keys you want.
358 # However, if a provider does not have at least 'email', external users
359 # returned by this provider will never show up in search results. Likewise,
360 # an external user with no email will not appear in search results.
362 # Auth and identity providers with the same name are linked automatically
363 # unless ProviderMap is specified. If specified it should be a dictionary
364 # suitable for the MULTIPASS_PROVIDER_MAP setting of multipass.
366 #IdentityProviders = {}
369 #------------------------------------------------------------------------------
371 #------------------------------------------------------------------------------
373 # The timezone that is used by default. This also affects the timezone used by
375 #DefaultTimezone = 'UTC'
378 #------------------------------------------------------------------------------
380 #------------------------------------------------------------------------------
382 # Indico uses Celery to run time-consuming background tasks and periodic jobs.
383 # You must configure a Celery "broker" which is used to communicate between
384 # Indico and the worker(s).
385 # We recommend Redis as it is very easy to set up. For details, see the Celery
387 # http://celery.readthedocs.org/en/latest/getting-started/brokers/redis.html
388 #CeleryBroker = 'redis://unused:password@localhost:6379/0'
390 # By default, task results are stored in the broker backend, but you can
392 #CeleryResultBackend = None
394 # By default, all periodic tasks are enabled and use a schedule that is
395 # considered appropriate by the Indico developers. You can override this
396 # for specific tasks using the `ScheduledTaskOverride` dict. The key is the
397 # name of the task and the value can be one of the following:
398 # - `None` or `False`: Disables the task completely
399 # - A dictionary, as described in the Celery documentation
400 # http://celery.readthedocs.org/en/latest/userguide/periodic-tasks.html#available-fields
401 # The `task` key is not necessary in this case, as it is set automatically.
402 # - A `timedelta` or `crontab` object which will just override the schedule
403 # and not touch any other options of the task.
404 #ScheduledTaskOverride = {}
406 # You can use the `CeleryConfig` settings to specify/override any config option
407 # supported by Celery. For the full list of options, see the Celery docs at
408 # http://celery.readthedocs.org/en/latest/configuration.html
411 # Your Celery workers can be monitored using Flower. To use it, simply start it
412 # using `indico celery flower`; by default it will listen on the same host as
413 # specified in BaseURL (non-SSL) on port 5555. However, having an open Flower
414 # instance is a security issue as it will allow anyone to shut down your celery
415 # workers. To avoid this, you can use Indico's OAuth2 provider to restrict the
416 # access to flower to Indico administrators. To do so, register a new OAuth
417 # application in the administration interface (`Server admin > Applications`)
418 # and set the `FlowerClientId` option to its Client ID.
419 #FlowerClientId = None
421 # To get a link to Flower in the administration menu, set `FlowerURL` to the URL
422 # under which your Flower instance is accessible:
426 # ------------------------------------------------------------------------------
428 # ------------------------------------------------------------------------------
430 # In order to use Indico check-in app, first register the application manually
431 # within `Server admin > Applications` and then fill in here the client_id
433 #CheckinAppClientId = ''
436 # ------------------------------------------------------------------------------
438 # ------------------------------------------------------------------------------
440 # Indico needs to store various files such as event attachments somewhere. You
441 # need to configure the storage backends here. By default only a filesystem
442 # based storage backend is available, but plugins could add additional backends.
443 # You can define multiple backends, but once a backend has been used, you MUST
444 # NOT remove it or all files stored in that backend will become unavailable.
445 # To define a filesystem-based backend, use the string `fs:/base/path`.
446 # Other backends may accept different options - see the documentation of these
447 # backends for details.
448 #StorageBackends = {'default': 'fs:/opt/indico/archive'}
450 # You need to set the storage backend used for event attachments to backend that
451 # has been defined in StorageBackends. Note that this only affects new uploads.
452 # Existing files are taken from whatever backend was used when they have been
454 #AttachmentStorage = 'default'