-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdiato.conf
More file actions
60 lines (43 loc) · 1.42 KB
/
diato.conf
File metadata and controls
60 lines (43 loc) · 1.42 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# insert-response-header = X-Robots-Tag noindex, nofollow, nosnippet, noarchive
[diato]
# http-socket-path = /var/run/diato/http.socket
# http-socket-path = /var/run/diato/https.socket
http-socket-path = ./http.socket
https-socket-path = ./https.socket
chroot = /var/run/diato/chroot/
worker-count = 4
# Load (.pem) X509 keys + certificates from this directory,
# watch it for changes and automatically (un)load these
# files as they're removed or added.
# tls-cert-dir = "/etc/diato/tls/"
tls-cert-dir = "./tls/"
[filemap-userbackend]
enabled = true
# The path to use for the user bckend. File is automatically loaded as it's
# updated through inotify. Expects a format in the form of:
# domain1.tld host:port\n
# domain2.tld host:port\n
# path = /etc/diato/usermap.cf
path = ./usermap.cf
# Do not load a new map if this number of entries is not reached.
#min-entries = 1000
min-entries = 1
[listen "http-80"]
bind = ":80"
proxy-protocol = true
[listen "https-443"]
bind = ":443"
tls-enable = true
proxy-protocol = true
[elasticsearch]
# Request logs can be stored in ElasticSearch for furhter analysis.
enabled = false
# It's possible to specify multiple URL's by simply repeating them
url = "http://127.0.0.1:9200"
# Automatically detect what other elasticsearch nodes are available
# and use those as well.
sniff = false
[modsecurity]
enabled = false
# rules-file = /etc/diato/modsecurity/*.conf
# rules-file = ./modsec-rules/**/*.conf