Configuration Reference: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary Tag: 2017 source edit |
||
| Line 40: | Line 40: | ||
{{#lst:Website Configuration Reference|config}} | {{#lst:Website Configuration Reference|config}} | ||
<blockquote>''See [[Website Configuration Reference]] for full details.''</blockquote> | <blockquote>''See [[Website Configuration Reference]] for full details.''</blockquote> | ||
==SSL Configuration== | |||
{{#lst:SSL Configuration Reference|config}} | |||
<blockquote>''See [[SSL Configuration Reference]] for full details.''</blockquote> | |||
[[Category:Reference]] | [[Category:Reference]] | ||
Revision as of 09:16, 12 July 2019
This article is a Stub. You can help the Sympl Project by expanding it.
The configuration for Sympl is comprised of a number of text files in each domains config directory (i.e. /srv/example.com/config/) and the /etc/sympl directory, which covers system level configurations.
Domain config directory
| File or Directory | Used For | Example content |
|---|---|---|
.../config/dns/
|
This directory contains the automatically generated DNS files in TinyDNS format. | n/a |
.../config/ip
|
Contains a list of IP addresses which a website will be bound to, and mail will be sent from. If not set, defaults to the primary IPs (IPv4 and IPv6) of your server. | 10.11.12.13 2001:0db8:85a3:0000:0000:8a2e:0370:7334
|
.../config/spf
|
Existence of this file will add SPF Records to the automatically generated DNS files. If the file has content, that will be used as the SPF record. | v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.123 a -all
|
.../config/dkim
|
Existence of this file will enable DKIM record generation and along with the dkim.key file will enable signing of outgoing mails.
The DKIM 'selector' defaults to the short hostname of your server, otherwise any content in this file will be used as the selector in outgoing mails and automatically generated DNS. |
signedmail
|
.../config/dkim.key
|
This key is used to sign outgoing DKIM mails. Required to be able to sign mails, along with the dkim file.
|
An RSA key beginning:
|
.../config/dmarc
|
This file will create a DMARC record in generated DNS files. If the file is not empty, the content will be used as the new DMARC record. | v=DMARC1; p=quarantine; sp=none:300
|
(This table is currently incomplete)
Website Configuration
| File or Directory | Used For | |
|---|---|---|
.../config/ip
|
Contains a list of IP addresses which a website will be bound to. Defaults to the primary IPs (IPv4 and IPv6) of your server. | More... |
.../config/ssl-only
|
Redirects all non-HTTPS traffic for the site to HTTPS. | More... |
.../config/hsts
|
Enables HSTS for HTTPS sites. | More... |
.../config/php
|
Selects the PHP version the site should be run under. Remove the file to default to the bundled version for your distribution. | More... |
.../config/php-modules
|
A list of PHP modules/extension package names for the site which will be installed automatically. | More... |
.../config/php-pool
|
Defines the alphanumeric name of the PHP pool for the site. | More... |
.../config/php-user
|
The local system user to run the PHP process as. | More... |
.../config/php-group
|
The local group to run the PHP process as. | More... |
.../config/disable-php-security
|
Existence of this file will disable some of the PHP security functions in the automatically generated Apache configurations. | More... |
/etc/sympl/php/<version>/includes.d/<pool_name>.conf
|
Configuration changes for a specific PHP pool should be placed here. | More... |
.../config/allow-hidden
|
Existence of this file will allow the website to serve files which are usually hidden. | More... |
.../config/disable-filesystem-security
|
Existence of this file will disable the automatic filesystem security tasks on this domain. | More... |
.../config/public-user
|
UID or user name of the user to change ownership of the public/ directory to. Defaults to www-data.
|
More... |
.../config/public-group
|
GID or group name of the user to change ownership of the public/ directory to. Defaults to www-data.
|
More... |
.../config/stats
|
This file enables automatic generation of web stats with Awffull/Webalizer | More... |
.../config/stats-htaccess
|
A 'htpasswd' format file used to access the web stats. | More... |
.../config/apache.d/example.conf
|
Apache config files to be included in the site configuration. | More... |
See Website Configuration Reference for full details.
SSL Configuration
| File or Directory | Used For | |
|---|---|---|
.../config/ssl-provider
|
Selects the automatic SSL provider to use, or disables automatic SSL generation. | More... |
.../config/ssl/
|
Directory for the SSL certificates and configuration. Permissions are secured with sympl-filesystem-security.
|
More... |
.../config/ssl/current/
|
A symbolic link which points toward the currently active certificate set directory. | More... |
.../config/ssl/set_id/
|
A directory containing the SSL files for the set set_id.
|
More... |
.../config/ssl/set_id/ssl.crt
|
The SSL certificate in X.509 format. | More... |
.../config/ssl/set_id/ssl.key
|
The SSL key in X.509 format. | More... |
.../config/ssl/set_id/ssl.bundle
|
The SSL intermediate certificate in X.509 format. | More... |
.../config/ssl/set_id/ssl.combined
|
A combination of ssl.crt, ssl.bundle and ssl.key, in that order.
|
More... |
.../config/ssl/set_id/ssl.csr
|
The Certificate Signing Request. file in X.509 format. | More... |
.../config/ssl/letsencrypt/email
|
Email address for Let's Encrypt registration and notices. This defaults to root@your-server-hostname so may need to be changed from the default if your server does not have a publicly visible name.
|
More... |
.../config/ssl/letsencrypt/rsa_key_size
|
The size in bits of the public RSA key generated for the SSL certificate. Defaults to 2048.
|
More... |
.../config/ssl/letsencrypt/endpoint
|
The Let's Encrypt API endpoint to use. Defaults to https://acme-v02.api.letsencrypt.org/directory.
|
More... |
.../config/ssl/letsencrypt/docroot
|
The document root for the domain, used to confirm ownership. Defaults to /srv/example.com/public/htdocs.
|
More... |
.../config/ssl/letsencrypt/account_key
|
The private RSA key for this Let's Encrypt account. Generated automatically if not present. | More... |
.../config/ssl/selfsigned/rsa_key_size
|
The size in bits of the public RSA key generated for the SSL certificate. Defaults to 2048.
|
More... |
.../config/ssl/selfsigned/lifetime
|
The length in days the certificate should be valid for. Defaults to 365.
|
More... |
See SSL Configuration Reference for full details.