-
-
Notifications
You must be signed in to change notification settings - Fork 204
Expand file tree
/
Copy pathconfig.yaml
More file actions
55 lines (42 loc) · 1.52 KB
/
config.yaml
File metadata and controls
55 lines (42 loc) · 1.52 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# NoteDiscovery Configuration
app:
name: "NoteDiscovery"
server:
host: "0.0.0.0"
port: 8000
reload: false # Set to true for development
# CORS (Cross-Origin Resource Sharing) configuration
# For self-hosted use, "*" is fine. For production, specify allowed domains.
# Examples: ["http://localhost:8000", "https://yourdomain.com"]
allowed_origins: ["*"]
# Debug mode - shows detailed error messages (DISABLE in production!)
debug: false
storage:
notes_dir: "./data"
plugins_dir: "./plugins"
search:
enabled: true
authentication:
# Authentication settings
# Set enabled to true to require login
enabled: false
# ⚠️ SECURITY WARNING: Change these values before exposing to the internet!
# Default values below are for LOCAL TESTING ONLY
# Session secret key - CHANGE THIS TO A RANDOM STRING!
# Generate with: python -c "import secrets; print(secrets.token_hex(32))"
secret_key: "change_this_to_a_random_secret_key_in_production"
# Password (hashed automatically at startup)
# ⚠️ Default password is "admin" - CHANGE THIS for production!
password: "admin"
# Session expiry in seconds (default: 7 days)
session_max_age: 604800
# API Key Authentication (for external integrations)
# Usage (choose one):
# Authorization: Bearer YOUR_API_KEY
# X-API-Key: YOUR_API_KEY
#
# Generate a secure key with:
# python -c "import secrets; print(secrets.token_hex(32))"
#
# Leave empty to disable API key authentication (only session auth works)
api_key: ""