mirror of
https://github.com/discourse/discourse.git
synced 2024-11-25 02:15:46 +08:00
59cd7894d9
If a particular path is being hit extremely hard by logged on users, revert to anonymous cached view. This will only come into effect if 3 requests queue for longer than 2 seconds on a *single* path. This can happen if a URL is shared with the entire forum base and everyone is logged on
205 lines
5.4 KiB
Plaintext
205 lines
5.4 KiB
Plaintext
#
|
|
# DO NOT EDIT THIS FILE
|
|
# If you need to make changes create a file called discourse.conf in this directory with your changes
|
|
# On import this file will be imported using ERB
|
|
#
|
|
|
|
# Discourse supports multiple mechanisms for production config.
|
|
#
|
|
# 1. You can do nothing and get these defaults (not recommended, you should at least set hostname)
|
|
# 2. You can copy this file to config/discourse.conf and amend with your settings
|
|
# 3. You can pass in config from your environment, all the settings below are available.
|
|
# Append DISCOURSE_ and upper case the setting in ENV. For example:
|
|
# to pass in db_timeout of 200 you would use DISCOURSE_DB_TIMEOUT=200
|
|
|
|
# All settings apply to production only
|
|
|
|
# connection pool size, sidekiq is set to 5, allowing an extra 3 for bg threads
|
|
db_pool = 8
|
|
|
|
# ActiveRecord connection pool timeout in milliseconds
|
|
db_timeout = 5000
|
|
|
|
# Database connection timeout in seconds
|
|
db_connect_timeout = 5
|
|
|
|
# socket file used to access db
|
|
db_socket =
|
|
|
|
# host address for db server
|
|
# This is set to blank so it tries to use sockets first
|
|
db_host =
|
|
|
|
# host address for db server when taking a backup via `pg_dump`
|
|
# Defaults to `db_host` if not configured
|
|
db_backup_host =
|
|
|
|
# port running db server, no need to set it
|
|
db_port =
|
|
|
|
# db server port to use when taking a backup via `pg_dump`
|
|
db_backup_port = 5432
|
|
|
|
# database name running discourse
|
|
db_name = discourse
|
|
|
|
# username accessing database
|
|
db_username = discourse
|
|
|
|
# password used to access the db
|
|
db_password =
|
|
|
|
# Disallow prepared statements
|
|
# see: https://github.com/rails/rails/issues/21992
|
|
db_prepared_statements = false
|
|
|
|
# host address for db replica server
|
|
db_replica_host =
|
|
|
|
# port running replica db server, defaults to 5432 if not set
|
|
db_replica_port =
|
|
|
|
# hostname running the forum
|
|
hostname = "www.example.com"
|
|
|
|
# backup hostname mainly for cdn use
|
|
backup_hostname =
|
|
|
|
# address of smtp server used to send emails
|
|
smtp_address =
|
|
|
|
# port of smtp server used to send emails
|
|
smtp_port = 25
|
|
|
|
# domain passed to smtp server
|
|
smtp_domain =
|
|
|
|
# username for smtp server
|
|
smtp_user_name =
|
|
|
|
# password for smtp server
|
|
smtp_password =
|
|
|
|
# smtp authentication mechanism
|
|
smtp_authentication = plain
|
|
|
|
# enable TLS encryption for smtp connections
|
|
smtp_enable_start_tls = true
|
|
|
|
# mode for verifying smtp server certificates
|
|
# to disable, set to 'none'
|
|
smtp_openssl_verify_mode =
|
|
|
|
# load MiniProfiler in production, to be used by developers
|
|
load_mini_profiler = true
|
|
|
|
# recommended, cdn used to access assets
|
|
cdn_url =
|
|
|
|
# comma delimited list of emails that have developer level access
|
|
developer_emails =
|
|
|
|
# redis server address
|
|
redis_host = localhost
|
|
|
|
# redis server port
|
|
redis_port = 6379
|
|
|
|
# redis slave server address
|
|
redis_slave_host =
|
|
|
|
# redis slave server port
|
|
redis_slave_port = 6379
|
|
|
|
# redis database
|
|
redis_db = 0
|
|
|
|
# redis password
|
|
redis_password =
|
|
|
|
# redis sentinels eg
|
|
# redis_sentinels = 10.0.0.1:26381,10.0.0.2:26381
|
|
redis_sentinels =
|
|
|
|
# enable Cross-origin Resource Sharing (CORS) directly at the application level
|
|
enable_cors = false
|
|
cors_origin = ''
|
|
|
|
# enable if you really need to serve assets in prd
|
|
serve_static_assets = false
|
|
|
|
# number of sidekiq workers (launched via unicorn master)
|
|
sidekiq_workers = 5
|
|
|
|
# adjust stylesheets to rtl (requires "rtlit" gem)
|
|
rtl_css = false
|
|
|
|
# notify admin when a new version of discourse is released
|
|
# this is global so it is easier to set in multisites
|
|
# TODO allow for global overrides
|
|
new_version_emails = true
|
|
|
|
# connection reaping helps keep connection counts down, postgres
|
|
# will not work properly with huge numbers of open connections
|
|
# reap connections from pool that are older than 30 seconds
|
|
connection_reaper_age = 30
|
|
# run reap check every 30 seconds
|
|
connection_reaper_interval = 30
|
|
# also reap any connections older than this
|
|
connection_reaper_max_age = 600
|
|
|
|
# set to relative URL (for subdirectory hosting)
|
|
# IMPORTANT: path must not include a trailing /
|
|
# EG: /forum
|
|
relative_url_root =
|
|
|
|
# increasing this number will increase redis memory use
|
|
# this ensures backlog (ability of channels to catch up are capped)
|
|
# message bus default cap is 1000, we are winding it down to 100
|
|
message_bus_max_backlog_size = 100
|
|
|
|
# must be a 64 byte hex string, anything else will be ignored with a warning
|
|
secret_key_base =
|
|
|
|
# fallback path for all assets which are served via the application
|
|
# used by static_controller
|
|
# in multi host setups this allows you to have old unicorn instances serve
|
|
# newly compiled assets
|
|
fallback_assets_path =
|
|
|
|
# S3 settings used for serving ALL public files
|
|
# be sure to configre a CDN as well per cdn_url
|
|
s3_bucket =
|
|
s3_region =
|
|
s3_access_key_id =
|
|
s3_secret_access_key =
|
|
s3_use_iam_profile = false
|
|
s3_cdn_url =
|
|
|
|
|
|
### rate limits apply to all sites
|
|
max_user_api_reqs_per_minute = 20
|
|
max_user_api_reqs_per_day = 2880
|
|
|
|
max_admin_api_reqs_per_key_per_minute = 60
|
|
|
|
max_reqs_per_ip_per_minute = 200
|
|
max_reqs_per_ip_per_10_seconds = 50
|
|
|
|
# applies to asset type routes (avatars/css and so on)
|
|
max_asset_reqs_per_ip_per_10_seconds = 200
|
|
|
|
# global rate limiter will simply warn if the limit is exceeded, can be warn+block, warn, block or none
|
|
max_reqs_per_ip_mode = none
|
|
|
|
# bypass rate limiting any IP resolved as a private IP
|
|
max_reqs_rate_limit_on_private = false
|
|
|
|
# logged in DoS protection
|
|
|
|
# protection will only trigger for requests that queue longer than this amount
|
|
force_anonymous_min_queue_seconds = 2
|
|
# only trigger anon if we see more than N requests for this path in last 10 seconds
|
|
force_anonymous_min_per_10_seconds = 3
|
|
|