openrat-cms

config-all-example.yml (36999B)

---

 #  /* vim: set filetype: yml : */
 # 
 # 
 
 #  OpenRat configuration file example
 
 #  Per host configuration:
 #  A file 'config-<hostname>.yml' is preferred before file 'config.yml'.
 
 #  Rules for reading this file:
 #  1. if environment-variable 'OR_CONFIG_FILE' is set, then this value is used for the configuration filename.
 #  2. if environment-variable 'OR_CONFIG_DIR' is set, then a file 'config-<hostname>.yml' is read. If it does not exist,  'config.yml' is read instead.
 #  3. file 'config/config-<hostname>.yml' is read. If it does not exist,  'config/config.yml' is read instead.
 # 
 
 
 #  Configuration
 
 
 
 #  Start other applications out of OpenRat.
 #  Other applications are able to authenticate the user with a ticket id (Single Signon)
 #  see documentation for more details.
 
 #  The Name of the application
 # applications.phpmyadmin.name: PHPYourAdmin
 
 #  URL
 # applications.phpmyadmin.url: "https://example.com/anotherapplication/index.cgi"
 
 #  Name of the HTTP-Parameter for the Ticket-Id.
 #  OpenRat puts the session-id into this parameter.
 # applications.phpmyadmin.param: "ticketidforopenrat"
 
 #  Groups
 #  Only User, who are in this group, may see the application
 #  (optional)
 # applications.phpmyadmin.group: 
 
 #  A brief description of this application.
 # applications.phpmyadmin.description: "Your database administration"
 # 
 
 
 
 cache:
   #  Conditional-GET enables the "304 not modified" HTTP-Header
   #  This is much faster, but sometimes caching is unwanted
   #  if you have caching problems, set this to 'false'.
   #  Default: 'true'
   conditional_get: true
 
 
 
   #  Pages and files are cached in a temporary directory.
   #  'false' means generate each page again and again
   #  'true'  will cache a page's content. This will improve
   #          the performance, but has some side effects,
   #          f.e. no dynamic content will be updated.
   #  Default: 'false'
   enable_cache: false
 
 
 
   #  Directory for temporary files.
   #  Default: blank (means: OpenRat is using the system temporary dir)
   tmp_dir: ''
 
 
 
 config:
   #  Auto-Reload session.
   #  If the configuration file is changed, its content is reloaded automatically
   #  Default: true
   auto_reload: true
 
   #
   #  If the configuration file is changed, a new session will be created.
   #  Default: true
   session_destroy_on_config_reload:  true
 
 
 
 content:
   file:
     #  Maximum file size for uploads in KB
     #  Special values: 0,-1 :  not restricted
     #  Default: 0
     max_file_size: 1500
 
 
 
 
   #  Delete-strategy of old content.
 
   #  Values are deleted, if
   #  a) max-age and min-revisions are reached OR
   #  b) max-revisions and min-age are reached
   revision-limit.enabled :  false
 
   #  max age of values (days)
   revision-limit.max-age :  120
   #  min age of values (days)
   revision-limit.min-age :  1
 
   #  number of revisions
   revision-limit.max-revisions :  100
   revision-limit.min-revisions :  3
 
 
 
   #  If a textvalue is empty, try using the default language
   #  Default: true
   language.use_default_language :  true
 
 
 
 
 database:
   #  Database configuration.
   #  You have to have at least one database connection which has 'enabled: true'.
 
   #  Supported connection-types:
   #  - 'pdo'        A common PHP database abstraction layer for a lot of DBs.
   
   # Supported PDO drivers:
   #  - 'mysql'        Mysql/MariaDB
   #  - 'postgresql'   Postgresql
   #  - 'sqlite'       SQlite databases
 
 
 
   #  Default Database
   #  This database will be selected by default.
   #  There has to exist a section with this name.
   default: sample_db_mysql
 
 
 
   #  This is a sample database connection.
   #  If you want to use it, just fill out the login data and set 'enabled' to 'true'
   sample_db_mysql:
     enabled    :  false                 # set this to 'true' for using this connection
     comment    :  "DB MySQL"            # comment of this database
 
     type:  pdo
     driver: mysql
     user  :  dbuser                # database user
     password   :  dbpass                # database password
     host       :  localhost             # database hostname
     port  : 0                            # database TCP/IP-Port (optional)
     database   :  cms                   # database name
 
     base64     :  false                 # store binary as BASE64
     prefix     :  or_                   # table praefix
     persistent :  yes                   # use persistent connections (try this, it's faster)
     charset :  UTF-8
 
     #  SQL-Statement which is executed after opening the connection
     #  connection_sql :  "SET NAMES 'UTF8';"  ; using UTF-8 as database charset
     connection_sql :  ""
 
     #  System command for executing before connecting to the database.
     #  Maybe for installing an SSH-Tunnel.
     #  For background programs, you have to redirect stdin and stdout! (maybe to /dev/null)
     #  Example: "sudo -u u123 /usr/local/bin/sshtunnel-example.sh"
     #  Default: blank.
     cmd :  ""
 
     #  Using prepared statements.
     #  The 'old' mysql-interface in PHP does not support prepared statements
     prepare :  false
 
     #  Using transactions. Set to 'true' when you are using 'InnoDB'-tables.
     #  If so, maybe you need to set 'SET AUTOCOMMIT: 0' as connection_sql above.
     #  Default: false
     transaction :  false
 
     #  Readonly tables. Set to 'true' during maintainance activitys.
     #  If 'true', OpenRat will disable all writing operations.
     readonly :  false
 
 
 
     #  This is a sample database connection.
     #  If you want to use it, just fill out the login data and set 'enabled' to 'true'
   sample_db_postgresql:
 
     enabled    :  false                 # set this to 'true' for using this connection
     comment    :  "DB-PostgreSQL"       # comment of this database
 
     type       :  postgresql            #
     user       :  dbuser                # database user
     password   :  dbpass                # database password
     host       :  localhost             # database hostname
     port       : 0                      # database TCP/IP-Port (optional, 0=Standard port)
     database   :  cms                   # database name
 
     base64     :  false                 # store binary as BASE64 (in postgresql 7.x set this to 'true')
     prefix     :  or_                   # table praefix
     persistent :  yes                   # use persistent connections (try this, it's faster)
     charset :  UTF-8
 
     #  SQL-Statement which is executed after opening the connection
     connection_sql :  ""
 
     #  System command for executing before connecting to the database.
     #  Maybe for installing an SSH-Tunnel.
     #  For background programs, you have to redirect stdin and stdout! (maybe to /dev/null)
     #  Example: "sudo -u u123 /usr/local/bin/sshtunnel-example.sh"
     #  Default: blank.
     cmd :  ""
 
     #  Using prepared statements.
     #  This is EXPERIMENTAL, do not use in production environments
     prepare :  false
 
     #  Using transactions. Set this to true, if the MySQL table engine supports transactions
     transaction :  false
 
 
 
 #  SQ-Lite is an embedded, 'mostly-ANSI-SQL-supporting' database system.
 #  for using SQLite, please check for the PHP module
 #  f.e. on ubuntu 'sudo apt-get install php5-sqlite'
   sample_db_sqlite:
 
     enabled    :  false                    # set this to 'true' for using this connection
     comment    :  "DB-SQLite"              # comment of this database
 
     type       :  sqlite                   #
 
     #  Filename of your SQlite database
     filename   :  "/local/path/to/your/sqlite/openrat.db"
 
     base64     :  false                 # store binary as BASE64 (in postgresql: true)
     prefix     :  or_                   # table praefix
     persistent :  yes                   # use persistent connections (try this, it's faster)
     charset :  UTF-8
 
     #  per default SQlite uses table-prefixed column names when using JOINs which MUST BE off.
     connection_sql :  "pragma short_column_names: true;"
 
     #  System command for executing before connecting to the database.
     cmd :  ""
 
     prepare :  false
 
     #  Set this to true, if you want to use transactions.
     transaction :  false
 
 
 
   sample_pdo_sqlite:
 #  PDO (means PHP Data Objects) is an abstract database interface
 
     enabled    :  false                    # set this to 'true' for using this connection
     comment    :  "DB-PDO"                 # comment of this database
 
     type       :  pdo                      #
 
     #  The DSN-Url for your database
     #dsn :  ""
     #  Examples:
     #  MySql
     dsn :  "mysql:dbname: testdb;host: 127.0.0.1"
     #  PostgreSQL
     #dsn :  "pgsql:host: localhost port: 5432 dbname: mydb user: dbuser password: dbpass"
     #  SQLite
     #dsn :  "sqlite:/path/to/mydb.db"
     #  JDBC-Url when using OpenRat in Quercus
     #dsn :  "java:comp/env/jdbc/mydb"
 
     #  If not part of the DSN this is the right place for username/password
     user     :  "dbuser"
     password :  "dbpass"
 
     base64     :  false                 # store binary as BASE64 (in postgresql: true)
     prefix     :  or_                   # table praefix
     persistent :  yes                   # use persistent connections (try this, it's faster)
     charset :  UTF-8
 
     #  SQL-Statement which is executed after opening the connection
     connection_sql :  ""
     #  Examples:
     #  per default SQlite uses table-prefixed column names when using JOINs which MUST BE off.
     #connection_sql :  "pragma short_column_names: true;"
     #  set default schema for Oracle
     #connection_sql :  "alter session set current_schema: myschema;"
 
     #  System command for executing before connecting to the database.
     cmd :  ""
 
     prepare :  false
 
     #  Set this to true, if you want to use transactions.
     transaction :  false
 
     readonly :  false
 
 
     #  The database results MUST contain lowercase column names.
     #  if using Oracle, set this to 'true', default is 'false'.
     convert_to_lowercase :  false
 
     #  PDO driver-specific options
     #  key 'option_a' means option 'a'.
     option_myoption_a:
     option_myoption_b:
 
 
 # 
 #  Date formats
 #  see http://www.php.net/manual/en/function.date.php for details
 date:
   format:
 
     SHORT :  ""
     ISO8601SHORT :  "Ymd"
     ISO8601 :  "Y-m-d"
     ISO8601BAS :  "YmdTHis"
     ISO8601EXT :  "Y-m-dTH:i:s"
     ISO8601FULL :  "Y-m-dTH:i:sO"
     ISO8601WEEK :  "YWW"
     GER1 :  "d.m.Y"
     GER2 :  "d.m.Y, H:i"
     GER3 :  "d.m.Y, H:i:s"
     GER4 :  "d. F Y, H:i:s"
     ENGLONG :  "l dS of F Y h:i:s A"
     GMDATE :  "D, d M Y H:i:s GMT"
     RFC822 :  "r"
     UNIX :  "U"
     LONG :  "F j, Y, g:i a"
 
 
   timezone:
     "-6": "New York"
     "0": "UTC (GMT)"
     "60": "MET (Middle European Time)"
     "120": "MEST (Middle European Summertime)"
 
 
 
 #  Editor configuration
 editor:
   text-markup:
     #  Strong/important text (mostly "bold")
     strong-begin :  "*"
     strong-end   :  "*"
 
     #  Emphatic text (mostly "italic")
     emphatic-begin :  "_"
     emphatic-end   :  "_"
 
     #  Image
     image-begin :  "{"
     image-end   :  "}"
 
     #  Speech
     speech-begin :  QUOTE
     speech-end   :  QUOTE
 
     #  text with same width
     code-begin :  ": "
     code-end   :  ": "
 
     #  footnotes
     footnote-begin :  "["
     footnote-end   :  "]"
 
     #  pre-formatted Text
     pre-begin :  ": "
     pre-end   :  ": "
 
     #  Inserted Text
     insert-begin :  "++"
     insert-end   :  "++"
 
     #  Removed text
     remove-begin :  "--"
     remove-end   :  "--"
 
     #  Separator for a definition item
     definition-sep :  "::"
 
     #  Indenting headline
     headline       :  "+"
 
     #  Underlining of headline level 1
     headline_level1_underline :  ": "
 
     #  Underlining of headline level 2
     headline_level2_underline :  "-"
 
     #  Underlining of headline level 3
     headline_level3_underline :  "."
 
     #  Unnumbered Listentry
     list-unnumbered :  "-"
 
     #  Numbered Listentry
     list-numbered   :  "#"
 
     #  Table of content
     table-of-content:  "##TOC##"
 
     #  Link to
     linkto          :  "->"
 
     #  Table cell separator
     table-cell-sep  :  "|"
 
     style-begin :  "'"
     style-end   :  "'"
 
     #  Quote Text
     quote            :  ">"
     quote-line-begin :  ">"
     quote-line-end   :  ">"
 
     #  Makro
     macro-begin :  "<<"
     macro-end   :  ">>"
     macro-attribute-quote :  "'"
     macro-attribute-value-seperator :  ": "
 
 
   html:
     #  Which HTML-Tag to use for cites
     tag_strong :  "strong"
 
     #  Which HTML-Tag to use for emphatic text
     tag_emphatic :  "em"
 
     #  Which HTML-Tag to use for teletyped text
     tag_teletype :  "tt"
 
     #  Which HTML-Tag to use for cites
     tag_speech :  "cite"
 
     #  OpenRat tries to use a good speech tag. You may override this.
     override_speech :  false
     override_speech_open  :  "&laquo;"
     override_speech_close :  "&raquo;"
 
     #  HTML-Rendermode
     #  explains how to handle emtpy elements.
     #  'xml'  : > <br />, <image src: "..." />
     #  'sgml' : > <br>, <image src: "...">
     rendermode: sgml
     #rendermode: xml
 
     replace :  "EUR:&euro; (c):&copy; (r):&reg; ^1:&sup1; ^2:&sup2; ^3:&sup3; 1/4:&frac14; 1/2:&frac12; 3/4:&frac34;"
 
 
   wiki:
     convert_html: true
     convert_bbcode: true
 
 
 
 filename:
   #  Should filenames be editable?
   #  'true' : Author may edit the filenames of pages, files and folders.
   #  'false': filenames are generated by the CMS
   #  Default: true
   edit    :  true
 
   #  filename of folder start file
   #  Default: 'index'.
   default :  index
 
 
   #  'ss'     : nerdy and poor imitation of story server urls. Looks important, but is cheap ;)
   #  'id'     : simply use the object id for the url
   #  'longid ': use a more longer id in the url
   #  'short'  : use a url which is as short as possible (uses all possible characters)
   #  Default: 'short'
   style   :  short          # use a url which is as short as possible
 
   #  hint: If edit: true, then the stored filename will be used.
   #        If no filename stored, or if edit: false, then the defined style is used.
 
   #  how the links to other pages are generated.
   #  'relative': Links are generated like '../../path/page.html'
   #  'absolute': Links are generated like '/path/page.html'
   #  Default: relative
   url: relative
 
 
 
 
 
 help:
   #  Enable online help
   #  Default: true
   enabled: true
 
   #  URL praefix to the help documents
   # help.url: help/html/
   url: http://help.openrat.de/
 
   #  file extension of the help documents
   suffix: .html
 
 
 i18n:
   #  Search for language in HTTP header
   #  This is a useful setting. The Browser says, which language will be taken.
   use_http: true
 
 
   #  Default language
   #  If no language is found, which should be used?
   default: de
 
 
   #  Available Languages.
   #  A comma seperated list with language codes.
   #  for each language there must be a file named 'language/<code>.ini'.
   available: de,en,es,fr,it,ru,cn
 
 
 
   #  Mappings from the language to installed locales
   locale.de: "de_DE.utf8"
   locale.en: "en_US.utf8"
 
 
 
 image:
   #  Say 'true' if GD2 is available, otherwise 'false'
   truecolor: true
 
 
 
 interface:
   #  Use of human date format
   #  looks like "3 years ago", or "7 months ago"
   #  Default: false
   human_date_format :  false
 
 
 
 #  The default style which is used, when no user is logged in.
 #  'default' is the classic Openrat style.
   style:
     "default": "default"
 
     #  'system' uses system colors from the client (nice choice)
     #"default": "system"
 
 
 
   config:
     #  show system settings (operating system, system time, ...)
     show_system: true
 
     #  show PHP settings
     show_interpreter: true
 
     #  show a list of PHP extensions (without any details)
     show_extensions: true
 
 
 
 #  Frameset settings
 
 #  Manipulating the URL of Openrat.
   url:
 
 
     #  If the entry filename is the index file of the directory, set this to true.
     #  This enables urls like "path/to/openrat/?a: 1&b: 2" and hides PHP.
     #  only useful, if fake_url: false
     #  if unsure, set to 'false' (default)
     index :  false
 
   #  Use gravatar for user images
   gravatar:
     #  see http://www.gravator.com for details
     enable: true
     size: 80
     default: 404
     rating: g
 
 
 
 #  Session-related settings
 
 #  auto-extend the session while the browser is still open.
 #  if 'true', the title frame will be refreshed automatically
 #  1 minute before the session times out.
   session:
     auto_extend: false
 
 #  Openrat is able to check passwords against a LDAP-based directory.
 ldap:
 
   #  Hostname of your LDAP server.
   host: "localhost"
 
   #  TCP-Port of your LDAP server.
   port: "389"
 
   #  Protocol-Version
   #  Set this to '2' or '3'.
   protocol: "2"
 
 #  The format of the DN
 #  If blank, the DN is automatically searched in the LDAP tree (see section "search").
 #  for using LDAP authentication, /security/auth/type has to be set to "ldap"!
   dn :  "uid: {user},ou: users,dc: example,dc: com"
   #dn :  "";
 
 
   #  Settings for authentication against a LDAP directory
   #  This is only activated, if the setting 'security.auth.type' is 'ldap'.
   
   #  use of anonymous bind ('true' or 'false')
   #  if 'true', the following user and password settings are ignored.
   search.anonymous :  true
 
   #  if 'anonymous' is 'false': DN of technical user for searching the real user DN
   search.user      :  "uid: openrat,ou: users,dc: example,dc: com"
 
   #  if 'anonymous' is 'false': password of technical user
   search.password  :  "verysecret"
 
   #  Base-DN of the subtree where the search begins
   search.basedn    :  "dc: example,dc: com"
 
   #  Filter setting for searching the user objects.
   #  The string {user} will be replaced by the user name.
   search.filter    :  "(uid: {user})"
 
   #  Aliases are dereferenced ('true' or 'false')
   search.aliases   :  true
 
   #  Timeout in seconds
   search.timeout   :  30
 
   #  If the user is found in the LDAP tree, but is not yet stored in the internal database.
   #  'true'  the user will be logged in and automatically inserted in the internal database.
   #  'false' login will be rejected, all users must exist in the internal database.
   search.add       :  true
 
 
 
   #  The user-group-relation can be read out of the LDAP tree.
   #  For using this, 'security.authorize.type' must be set to 'ldap'.
   
   #  Search filter for reading the groups a user belongs to.
   authorize.group_filter: "(memberUid: {dn})"
 
   #  LDAP attribute name of the name of the group
   authorize.group_name: "cn"
 
   #  Add groups found in LDAP (but not known in the internal database) automatically into database?
   #  If 'false', the LDAP groups cannot be used!
   authorize.auto_add :  true
   
 login:  
   motd: ""                                  # Message of the day, shown in login mask
   nologin: false                            # Disable Login (for maintanance jobs)
   register: false
   send_password: false
 
   gpl.url: "http://www.gnu.org/licenses/old-licenses/gpl-2.0.html"
 
   logo.file: "./themes/default/images/logo.jpg"  # logo (url to image) in login mask
   logo.url: "http://www.openrat.de"              # linked url in login mask
 
 
   #  After Login, start with the last changed object.
   #  If 'true', the project menu is not displayed.
   start:
     start_lastchanged_object: true
 
 
 log:
   #  filename of logfile. Every log entry will be appended to this file.
   #  This file must be writable by the webserver.
   #  If blank (default), no logging will be done.
   file :  ""
 
   #  loglevel are one of 'trace','debug','info','warn','error'
   level :  "warn"
 
   #  date format (for variable %time, see 'format'. This format is used by PHPs date()-function.
   #  See http://www.php.net/date
   date_format :  "M j H:i:s"
 
   #  lookup hostname of client-IP
   #  this may increase performance, if 'true'. Be careful!
   dns_lookup :  false
 
   #  output format
   #  the following variables are replaced:
   #  %time by the current time of the log entry.
   #  %level the logging level
   #  %host client ip ore hostname (see 'dns_lookup' entry above)
   #  %user username, who is logged in, ore '-' if not logged in.
   #  %action what is happening now
   #  %text reason of the log entry
   format :  "%time %level %host %user %action %text"
 
 
 mail:
   #  E-Mail Settings
 
   #  Does your server send e-mails?
   #  'true' or 'false'
   enabled: true
 
   #  The "from"-Adress. Creates a "From: "-Header.
   #  This is not neccecary. Hint: Most MTAs require a valid email adress.
   from: "OpenRat <user@example.com>"
 
   #  This signature is appended at the end of a mail. Use ';' for line-breaks.
   #  A useful information is maybe the URL of your OpenRat installation.
   signature: "http://www.openrat.de"
 
   #  Copy Recipient
   cc: 
 
   #  Blind Copy recipient
   bcc: 
 
   #  Priority of the mail (creates an "X-Priority"-Header)
   #  1: Highest, 2: High, 3: Normal, 4: Low, 5: Lowest
   #  Hint: Most MUAs ignore this header.
   priority: 3
 
 
   #  Non-7-bit-chars are not allowed in Mailheaders (see RFC 822, 2045, 2047)
   #  and must be encoded. Openrat supports 3 types of encoding:
   #  'Quoted-printable' (default),
   #  'Base64'
   #  '' (blank) no encoding.
   header_encoding: "Quoted-printable"
 
 
   #  Which SMTP client you want to use.
   #  'php' : Internal PHP function mail().
   #  'smtp': OpenRat internal SMTP-client
   #  If unsure, use the builtin PHP function.
   client: smtp
   #client: php
 
 
   #  Whitelist
   #  A comma-seperated list of domains names
   whitelist :  ""
 
   #  Blacklist
   #  A comma-seperated list of domain names
   blacklist :  ""
 
 
 
   #  Settings for the internal SMTP client.
   #  If client: 'php', you have no need to change anything in this section.
 
   #  Relay host
   #  It is useful, to have your own relay host, as servers doing greylisting
   #  *will* deny our smtp try.
   #  If this is blank, the mail is delivered directly to the destination MX host.
   #  I repeat, it is better to always use a relay host!
   #smtp.host: "mail.yourdomain.example"
   smtp:
     host: "locahost"
 
     #  SMTP-Port is '25' in most environments
     port: "25"
 
     #  SMTP Authentication
     #  (only needed if using a relay host)
     #  (FYI: The client makes use of the SMTP "AUTH LOGIN" method.
     auth_username: "your.user@something.example"
     auth_password: "notsecret"
 
     #  Timeout in seconds
     timeout: "45"
 
     #  Your fully-qualified hostname (FQDN)
     #  if empty, Openrat will use your simple hostname
     #localhost:
     localhost: "your.fully.qualified.hostname.example"
 
     #  Use TLS
     #  The client will send a "STARTTLS" command after HELO.
     #  TLS is not tested, use at your own risk!
     tls: false
 
     #  Use SSL
     #  The client will connection using the SSL-protocol.
     #  This is not tested, use at your own risk!
     ssl: false
 
 
 publish:
   #  Allow editing of file names.
   #  'true' : Author is allowed to edit the file names of his files and pages.
   #  'false': File names are generated by OpenRat only.
   edit: true
 
 
   #  filename for the first object in a folder.
   #  Default is 'index'.
   default: index
 
 
   #  File naming conventions
   #  See http://httpd.apache.org/docs/2.0/content-negotiation.html#naming
   #  '{filename}{language_sep}{language}{type_sep}{type}' means 'foo.en.html'
   format       :  "{filename}{language_sep}{language}{type_sep}{type}"
 
 
   #  Seperators, mostly you will use '.'
   language_sep :  "."
   type_sep     :  "."
 
 
   #  'always': language name is always appended to the filename
   #  'auto'  : language is appended if there are at least 2 languages
   filename_language :  auto
 
 
   #  'always': type is always appended to the filename
   #  'auto'  : type is appended if there are at least 2 project models
   filename_type :  always
 
 
   #  Filename Mode. Only used, if edit: false or no filename is set for an object.
   #  'ss'    : nice hack for lamers which like storyserver urls like '0,1513,453556,00.html'
   #  'id'    : simply use the object id.
   #  'longid': use a unique and long number.
   #  'short' : use a unique name which is as short as possible.
   style: "id"
 
 
   #  Mode of generated URLs.
   #  'relative': (Default) Generates URLs like '../../path/to/example.html'.
   #  'absolute': Generates URLs like '/path/to/example.html'.
   url: relative
   #url: absolute
 
   #  Should PHP code in page source be interpreted
   #  'false': page source is never interpreted as PHP
   #  'auto' : interpreted, if page extension :  '.php'
   #  'true' : always interpret PHP in page source
   enable_php_in_page_content: false
 
   #  Should PHP code in file content be interpreted
   #  'false': file content is never interpreted as PHP
   #  'auto' : interpreted, if file extension :  '.php'
   #  'true' : always interpret PHP in file content
   enable_php_in_file_content: false
 
   #  Escape all non-ascii characters to HTML entities.
   #  Normally this is not necessary, if there is a correct charset in the meta-section of your HTML-head.
   #  'true' : Escape all non-ascii-characters
   #  'false': Do nothing (default)
   escape_8bit_characters: false
 
 
 
   #  Content-Negotiation as defined in RFC 2295.
   #  These settings are only considered, if the project setting "use content negotiation" is switched on.
 
   #  if 'true', then the mime-type is omitted in the URL for page links.
   negotiation.page_negotiate_type :  true
 
   #  if 'true', then the language is omitted in the URL for page links.
   negotiation.page_negotiate_language :  true
 
   #  if 'true', then the mime type is omitted in the URL for file links
   negotiation.file_negotiate_type :  true
 
 
   project:
     #  Default publish directory. The edited target directory is appended.
     publish_dir: "/var/www/"
 
     #  Allow paths in target directory
     #  'false': only the base name is taken
     #  'true' : user input is taken with full path
     override_publish_dir: true
 
     #  Default system command.
     #  Vars: {name}    :  project name,
     #        {dir}     :  Target directory,
     #        {dirbase} :  Target directory basename
     system_command: "sudo -u xyz /usr/local/bin/mirror.sh {dirbase}"
     #system_command: 
 
     #  Input overrides the default system command.
     #  'true' or 'false'
     override_system_command: true
 
 
 
 #  FTP configuration
 ftp:
 
   #  for which file extensions the ASCII-Mode should be used
   ascii: html,htm,php
 
   #  'true' : (Default) FTP is enabled
   #  'false': FTP is disabled, f.e. if FTP is not compiled with PHP.
   enable: true
 
   #  Default FTP-Port
   #  Default: '21'
   port: 21
 
   #  Default hostname
   host: "ftp.example.com"
 
   #  Default path
   path: "/path/to/site"
 
   #  Login data
   #  If not specified (default), anonymous login will be used.
   user: agent_smith
   pass: smith
 
 
 replace:
   euro   :  "EUR,&euro;"
   copy   :  "(c),&copy;"
 
 
 
 search:
   #  Settings for the quicksearch field
 
   quicksearch:
     #  Show submit button for quicksearch. Not needed for modern browsers
     show_button: false
 
     #  Search in the name of objects
     search_name: true
 
     #  search in the filename of objects
     search_filename: true
 
     #  search in the description of objects
     search_description: true
 
     #  Search in all text content (slow on big databases!)
     search_content: false
 
 #  Security settings for Openrat - be careful :)
 security:
 
 
   #  All is readonly (for maintanance jobs)
   #  true|false, default:false
   readonly: false
 
   #  Disable publishing
   nopublish: false
 
   #  Unix-UMask for all created files
   #  Default: none (uses system default)
   #  Example: '0022' (means '-rw-r--r--')
   #  Example: '0002' (means '-rw-rw-r--')
   umask: 
 
   #  CHMOD for created files
   #  Default: none
   #  Example: '0644' (means '-rw-r--r--')
   #  Example: '0755' (means '-rwxr-xr-x')
   chmod: 
 
   #  CHMOD for created directories
   #  Default: none
   #  Example: '0755' (means 'drwxr-xr-x')
   #  Example: '0770' (means 'drwxrwx---')
   chmod_dir: 
 
   #  You may disable dynamic code.
   #  dynamic code ("CODE"-Elements in templates) are dangerous, because they may
   #  interact with the file system (and much more!).
 
   #  Hint: only admin users are allowed to save dynamic code.
   #  Enable, if admin users are trustful.
   #  Disable, if admin users are anonym (f.e. demo-installations).
   #  Default: true (for secure default installation).
   disable_dynamic_code :  true
 
 
   #  Enable or disable the displaying of system information
   show_system_info :  true
 
 
   #  Useful against CSRF-attacks, this adds a token to all POST request.
   use_post_token: true
 
   #  Creates a new Session on login.
   #  Useful against session fixation attacks.
   renew_session_login: false
 
   #  Creates a new Session on logout.
   #  Useful against session fixation attacks.
   renew_session_logout: false
 
 
 
   #  Default Login
   #  These values are used for the login form.
 
   #  default: ''
   default:
     username: 
 
     #  default: ''
     password: 
 
 
 
   #  Guest Login
   #  if enabled, a named guest user is automatically logged in.
 
   #  enable auto-login for a guest user.
   guest:
     guest.enable: false
 
     #  Name of the guest user, who is automatically logged in.
     #  This username must exist in your user database.
     guest.user: guest
 
 
 
   #  Type of authorization.
   #  'http' uses the HTTP Basic Authrization.
   #         Only available if PHP is used in the module version.
   #         Not available, if PHP is used via the CGI way.
   #         Only the default database is available (because there is no way to select another one)
   #  'form' shows a login form via a HTML page.
   #  Default: 'form'
   login:
     login.type: form
     #login.type: http
 
 
 
   #  this is the backend where the passwords are checked against.
   #  'database' uses the internal database table as password store.
   #  'authdb'   uses an external database table as password store, see section 'security.auth'.
   #  'ldap'     uses an external LDAP directory for password checking, see section 'ldap'.
   #  'http'     uses an HTTP-Auth Server for password checking
   #  Default: 'database'
   auth:
     type: database
 
     #  per-user setting of the LDAP DN.
     #  'true'  users which have there LDAP-DN explicitly stored are authenticated against LDAP.
     #  'false' no LDAP-DN storage per user.
     userdn: false
 
 
 
   #  A user belongs to certain groups. This information can be stored in 2 ways.
   #  'database' uses the internal database for the user-group-relation. (default)
   #  'ldap' reads the user-group-relations in a LDAP-Directory
   #         (in this case, /security/auth/type has to be set to "ldap", too!)
   #         (see /ldap/authorize!)
   authorize:
     type: database
     #type: ldap
 
 
 
     #  password settings
 
     #  length of automatic generated password
     random_length: 8
 
     #  minimum passwort length
     min_length: 5
 
     #  Password "salt"
     #  ''        : no salt (default)
     #  'id'      : salt the password with userid
     #  'username': salt the password with username
     #  'custom'  : use the 'salt_text'-setting
     #  Default: ''
     salt :  ""
 
     salt_text :  "somerandomtext"
 
 
 
   #  this section is needed if the setting "auth/type" is 'http'.
   #  passwords are checked against another HTTP-Server with Basic Authorization.
 
   #  The URL where an HTTP basic authorization ist required.
   http:
     url :  "http://example.net/restricted-area"
 
 
 
   #  this section is needed if the setting "auth/type" is 'authdb'.
   #  passwords are stored against an external database table.
   #  This is quite useful, if you have another software running (f.e. a forum system)
   #  and so the user must only remember 1 password.
 
   #  'mysql', 'postgresql' or 'sqlite'
   authdb:
     type :  postgresql
 
     user :  dbuser
     password :  dbpassword
     host :  127.0.0.1
     database :  dbname
     persistent :  false
 
     #  the sql which is executed while checking the password.
     #  the variables {username} and {password} are replaced.
     sql :  "select 1 from table where user: {username} and password: md5({password})"
 
     #  if the user exists in the external database, should it
     #  automatically be inserted into the openrat internal table?
     add :  true
 
 
 
   #  SSL Client certificate Authentication
 
   #  The environment variable name which has the username out of the certificate.
   #  See modssl-configuration for more infos:
   #  http://httpd.apache.org/docs/2.0/mod/mod_ssl.html.en#envvars
   #  if blank, ssl client auth is unused (default)
   ssl:
     #user_var: 
     user_var: "REMOTE_USER"
     #user_var: "SSL_CLIENT_S_DN"
     #user_var: "SSL_CLIENT_S_DN_CN"
 
     #  if 'true', you trust the client certificate fully, this is a passwordless login!
     #  take care tto have an useful webserver configuration where you only trust CA-signed certificates.
     #  if 'true', the 'user_var' is needed.
     trust: false
 
 
 
   openid:
     #  Open-ID
     #  see http://openid.net/ for specifications and more informations.
 
     #  Enable Open-ID
     #  default: false
     enable: false
 
     #  Should authenticated users, which are not in your user database, automatically be added?
     #  default: false
     add: false
 
     #  Open-Id Logo
     #  The specification recommends the original Open-Id logo.
     #logo_url:
     logo_url: "http://openid.net/login-bg.gif"
 
     #  Trust-Root
     #  URL-Prefix in which your OpenRat installations are running.
     #  default: <empty> (OpenRat tries to use its own server name)
     trust_root: http://your.server.example/openrat/
     #trust_root: 
 
     #  Trustful servers
     #  Default: '' (all)
     trusted_server: openid1.example.com,openid2.example.com
     #trusted_server: 
 
     #  Should Users fullname and e-mail updated from the OpenId-Server?
     update_user: true
 
     #  Using User-Identitys?
     user_identity: true
 
     #  List of OpenId-Provider to use
     provider:
       #  Special name "identity" for user defined identitys
       name: google
 
       #  location of the providers Yadis-document (XRDS-file)
       example.xrds_uri: http://google.com/accounts
       #  which attribute is used for mappin to the internal database
       example.map_attribute: email
       #  which attribut of internal user database is used
       #  valid values are 'mail', 'username'
       example.map_internal: mail
 
       #  Google supports Open-Id 2.0
       google.xrds_uri: http://google.com/accounts/o8/id
       google.map_attribute: email
       google.name: Google
       google.map_internal: mail
 
       #  Yahoo
       yahoo.xrds_uri: http://??????
       yahoo.map_attribute: usename
       yahoo.map_internal: mail
 
 
 
   #  Single Sign-on
   #  These settings are an example for checking login against "PhpMyAdmin".
   #  PhpMyAdmin must include a link to Openrat with the authid which includes the serialized cookies.
   #  Example: Include this in the file .../phpmyadmin/main.php:
   #  <a href: "https://example.com/openrat/?authid: <?php echo urlencode(serialize($_COOKIE)) ?>">OpenRat</a>
 
   #  use single sign-on? Set to 'true' or 'false'.
   sso:
     enable: false
 
     #  the url against the auth-id will be checked.
     url: "http://localhost/check.php?phpsessid: {id}&check: true"
     #url: "https://www.example.com/phpmyadmin/main.php?server: 1"
 
     #  the name of the parameter, where OpenRat will receive the Id, which will then be checked.
     auth_param_name: authid
 
     #  is the auth-id serialized?
     auth_param_serialized: true
 
     #  the auth-id will be used as a cookie
     cookie: true
 
     #  if the auth-id is no array, use this cookie-name.
     cookie_name: 
 
     force: true
 
     #  leave this blank.
     expect: 
 
     #  this is a regular expression which checks, if the login at the third-party-system is ok.
     expect_regexp: "/running on/"
 
     #  regular expression for find out the username
     #  this example is used for "PhpMyAdmin"
     username_regexp: "/running on localhost as ([a-z]+)@localhost/"
 
 
 
     #  Settings for a new user
 
     #  These groups are automatically added while a new user is inserted.
     #  Default: ''
   newuser:
     groups: YourGroup,AnotherGroup
 
 
 
   #  Logout settings
 
   #  Redirect to this URL after logout
   #  <blank>:  Show Login.
   #  Default: ''
   logout:
     redirect_url: "http://your.intranet.example/"
     #redirect_url:
 
 
 
   #  Show E-Mail-Adress in Administration-Interface.
   #  Default: true. If admin users should not know the mail adresses, set this to false.
   #  Useful for Demo-Installations where a lot of users may have administration rights.
   user:
     show_admin_mail: true
 
     #  Show users e-mail-address to other users.
     #  Default: true.
     show_mail: true
 
     #  Users are able to send mesages to another users via e-mail
     #  (not yet implemented)
     send_message: true
 
 
 
 #  *** The following settings are deprecated and will be removed in one of the next versions.
 wiki:
 
   #  convert simple HTML-tags to wiki-markup (if HTML is disabled)
   convert_html         :  true
 
   #  convert a few BB-code tags to wiki-markup
   convert_bbcode       :  true
 
   #  how strong text is marked
   tag_strong           :  "*"
 
   #  how emphatic text is marked
   tag_emphatic         :  "_"