noggin.cfg.example

# This is useful for development, disable it in prod
# https://flask.palletsprojects.com/en/1.1.x/config/#TEMPLATES_AUTO_RELOAD
TEMPLATES_AUTO_RELOAD = True

# IPA settings
FREEIPA_SERVERS = ['ipa.noggin.test']
FREEIPA_CACERT = '/etc/ipa/ca.crt'

# Any user with admin privileges
FREEIPA_ADMIN_USER = 'admin'
FREEIPA_ADMIN_PASSWORD = 'adminPassw0rd!'

# UI theme to use, possible themes are in noggin/themes
# THEME = "default"

# Generate with:
# >>> from cryptography.fernet import Fernet
# >>> Fernet.generate_key()
FERNET_SECRET = b'G8ObvrpEEwbjWUO9rU1qAkDQRafAFd39heVKYf6TZi8='

# Session secret
# https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY
SECRET_KEY = b'monkiesmonkiesmonkiesmonkiesmonkies!!!1111monkies'

# https://flask.palletsprojects.com/en/1.1.x/config/#SESSION_COOKIE_HTTPONLY
SESSION_COOKIE_HTTPONLY = True

# Set to True for prod
# https://flask.palletsprojects.com/en/1.1.x/config/#SESSION_COOKIE_SECURE
SESSION_COOKIE_SECURE = False

# Default values for new users
# USER_DEFAULTS = {
#     "locale": "en-US",
#     "timezone": "UTC",
#     "status_note": "active",
# }

# Set this to False to disable registration
# REGISTRATION_OPEN = True

# How many minutes before the new account activation link expires
# ACTIVATION_TOKEN_EXPIRATION = 30

# How many minutes before a password reset request expires
PASSWORD_RESET_EXPIRATION = 10

# This should be set and updated to reflect IPA's password policy.
# PASSWORD_POLICY = {
#     "min": 8, "max": -1
# }

# A temporary directory to store password reset request locks
# PASSWORD_RESET_LOCK_DIR = "/tmp/noggin-pw-reset"

# Email sender
# https://pythonhosted.org/Flask-Mail/#configuring-flask-mail
MAIL_DEFAULT_SENDER = "Noggin <noggin@example.com>"

# Set to False for prod
# https://pythonhosted.org/Flask-Mail/#configuring-flask-mail
MAIL_SUPPRESS_SEND = True

# Email domains that a user cannot use to register or change to
# MAIL_DOMAIN_BLOCKLIST = ['fedoraproject.org']

# Allowed format for usernames
# ALLOWED_USERNAME_PATTERN = "^[a-z0-9][a-z0-9-]{3,30}[a-z0-9]$"
# This next value is used to build the error message
# ALLOWED_USERNAME_HUMAN = ["a-z", "0-9", "-"]

# URL for the avatar service, typically either
# AVATAR_SERVICE_URL = "https://seccdn.libravatar.org/"
# or
# AVATAR_SERVICE_URL = "https://gravatar.com/"

# The default to show if a user has not set an avatar with the service
# other options are: "mp", "identicon", "monsterid", "wavatar", "retro", "robohash"
# AVATAR_DEFAULT_TYPE = "robohash"

# Probe endpoints for OpenShift
# https://github.com/fedora-infra/flask-healthz/
# HEALTHZ = {
#     "live": "noggin.controller.root.liveness",
#     "ready": "noggin.controller.root.readiness",
# }

# Page size when paginating results
# PAGE_SIZE = 30

# IPA role allowed to modify and delete stage users. The stage users admin page
# will only be accessible to users that have this role.
# STAGE_USERS_ROLE = "Stage User Managers"

# Additional directories to look up folders in. The templates in these directories
# will override the app's template with the same filename. You can also create the
# following templates to insert HTML in the output:
# - `after-navbar.html`: will be inserted between the navbar and the main content
#   on every page
# - `before-footer.html`: will be inserted between the main content and the footer
#   on every page
# - `head.html`: will be inserted at the end of the <head> tag on every page
# TEMPLATES_CUSTOM_DIRECTORIES = []

# The following sources will be added to the Content Security Policy for images.
# This can be useful if you want to add images in custom templates.
# https://content-security-policy.com/img-src/
# ACCEPT_IMAGES_FROM = []

# Spam checking
# BASSET_URL = None
# SPAMCHECK_TOKEN_EXPIRATION = 60  # in minutes

# Set to False to disable Fedora Messaging integration
# FEDORA_MESSAGING_ENABLED = True