isso.cfg

# Isso configuration file
# vim: set filetype=ini

[general]

# file location to the SQLite3 database, highly recommended to change this
# location to a non-temporary location!
dbpath = /var/lib/isso/comments.db

# required to dispatch multiple websites, not used otherwise.
name =

# Your website(s). If Isso is unable to connect to at least one site, you'll
# get a warning during startup and comments are most likely non-functional.
#
# You'll need at least one host/website to run Isso. This is due to security
# reasons: Isso uses CORS_ to embed comments and to restrict comments only to
# your website, you have to "whitelist" your website(s).
#
# I recommend the first value to be a non-SSL website that is used as fallback
# if Firefox users (and only those) supress their HTTP referer completely:
#
# host =
#     http://example.tld/
#     https://example.tld/
#
host = http://www.kukumalu.cc

# time range that allows users to edit/remove their own comments.
# It supports years, weeks, days, hours, minutes, seconds.
# 3h45m12s equals to 3 hours, 45 minutes and 12 seconds.
max-age = 15m

# Select notification backend for new comments. Currently, only SMTP is
# available.
# Select notification backend(s) for new comments, separated by comma.
# Available backends:
#
# stdout
#     Log to standard output. Default, if none selected.
# smtp
#     Send notifications via SMTP on new comments with activation (if
#     moderated) and deletion links.
notify = stdout

# Log console messages to file instead of standard out.
log-file = /var/log/isso/isso.log


[moderation]
# enable comment moderation queue. This option only affects new comments.
# Comments in modertion queue are not visible to other users until you activate
# them.
enabled = false

# remove unprocessed comments in moderation queue after given time.
purge-after = 30d


[server]
# interface to listen on. Isso supports TCP/IP and unix domain sockets: UNIX
# domain socket listen = unix:///tmp/isso.sock TCP/IP listen =
# http:///localhost:1234/
#
# When gevent is available, it is automatically used for http:// Currently,
# gevent can not handle http requests on unix domain socket (see #295 and #299
# for details).  Does not apply for uWSGI.
listen = http://localhost:8080

# reload application, when the source code has changed. Useful for development.
# Only works with the internal webserver.
reload = off

# show 10 most time consuming function in Isso after each request. Do not use
# in production.
profile = off


[smtp]
# Isso can notify you on new comments via SMTP. In the email notification, you
# also can moderate (=activate or delete) comments.

# self-explanatory, optional
username =

# self-explanatory (yes, plain text, create a dedicated account for
# notifications), optional.
password =

# SMTP server
host = localhost

# SMTP port
port = 587

# use a secure connection to the server, possible values: none, starttls or
# ssl. Note, that there is no easy way for Python 2.7 and 3.3 to implement
# certification validation and thus the connection is vulnerable to
# Man-in-the-Middle attacks. You should definitely use a dedicated SMTP account
# for Isso in that case.
security = starttls

# recipient address, e.g. your email address
to =

# sender address, e.g. "Foo Bar" <isso@example.tld>
from =

# specify a timeout in seconds for blocking operations like the
# connection attempt.
timeout = 10


[guard]
# Enable basic spam protection features, e.g. rate-limit per IP address (/24
# for IPv4, /48 for IPv6).

# enable guard, recommended in production. Not useful for debugging purposes.
enabled = true

# limit to N new comments per minute.
ratelimit = 2

# how many comments directly to the thread (prevent a simple while true; do
# curl ...; done.
direct-reply = 3

# allow commenters to reply to their own comments when they could still edit
# the comment. After the editing timeframe is gone, commenters can reply to
# their own comments anyways. Do not forget to configure the client.
reply-to-self = true

# force commenters to enter a value into the author field. No validation is
# performed on the provided value.  Do not forget to configure the client
# accordingly.
require-author = true

# require the commenter to enter an email address (note: no validation is
# done on the provided address). Do not forget to configure the client.
require-email = true


[markup]
# Customize markup and sanitized HTML. Currently, only Markdown (via Misaka) is
# supported, but new languages are relatively easy to add.

# Misaka-specific Markdown extensions, all flags starting with EXT_ can be used
# there, separated by comma.
options = strikethrough, autolink, fenced_code, no_intra_emphasis

# Additional HTML tags to allow in the generated output, comma-separated. By
# default, only a, blockquote, br, code, del, em, h1, h2, h3, h4, h5, h6, hr,
# ins, li, ol, p, pre, strong, table, tbody, td, th, thead and ul are allowed.
allowed-elements =

# Additional HTML attributes (independent from elements) to allow in the
# generated output, comma-separated. By default, only align and href are
# allowed.
allowed-attributes =


[hash]
# Customize used hash functions to hide the actual email addresses from
# commenters but still be able to generate an identicon.


# A salt is used to protect against rainbow tables. Isso does not make use of
# pepper (yet). The default value has been in use since the release of Isso and
# generates the same identicons for same addresses across installations.
salt = Eech7co8Ohloopo9Ol6baimi

# Hash algorithm to use -- either from Python's hashlib or PBKDF2 (a
# computational expensive hash function).
#
# The actual identifier for PBKDF2 is pbkdf2:1000:6:sha1, which means 1000
# iterations, 6 bytes to generate and SHA1 as pseudo-random family used for key
# strengthening. Arguments have to be in that order, but can be reduced to
# pbkdf2:4096 for example to override the iterations only.
algorithm = pbkdf2