NoteDiscovery/config.yaml

63 lines
1.8 KiB
YAML
Raw Normal View History

2025-11-05 16:48:41 +00:00
# NoteDiscovery Configuration
app:
name: "NoteDiscovery"
server:
host: "0.0.0.0"
port: 8000
reload: false # Set to true for development
# CORS (Cross-Origin Resource Sharing) configuration
# For self-hosted use, "*" is fine. For production, specify allowed domains.
# Examples: ["http://localhost:8000", "https://yourdomain.com"]
allowed_origins: ["*"]
# Debug mode - shows detailed error messages (DISABLE in production!)
debug: false
2025-11-05 16:48:41 +00:00
storage:
notes_dir: "./data"
2025-11-05 16:48:41 +00:00
plugins_dir: "./plugins"
search:
enabled: true
2026-06-08 09:02:05 +00:00
# User interface behavior
ui:
# Autosave debounce in milliseconds (applies to note typing and drawing autosave).
# Lower = saves more often (more disk writes); higher = saves less often.
# Override via the AUTOSAVE_DELAY_MS env var. Server clamps to 250-60000ms.
autosave_delay_ms: 1000
authentication:
2025-11-14 13:34:19 +00:00
# Authentication settings
# Set enabled to true to require login
2025-12-16 15:55:05 +00:00
enabled: false
2025-11-14 13:34:19 +00:00
2025-11-25 16:39:43 +00:00
# ⚠️ SECURITY WARNING: Change these values before exposing to the internet!
# Default values below are for LOCAL TESTING ONLY
2025-11-14 13:34:19 +00:00
# Session secret key - CHANGE THIS TO A RANDOM STRING!
# Generate with: python -c "import secrets; print(secrets.token_hex(32))"
secret_key: "change_this_to_a_random_secret_key_in_production"
# Password (hashed automatically at startup)
2025-11-25 16:39:43 +00:00
# ⚠️ Default password is "admin" - CHANGE THIS for production!
2026-01-08 15:29:14 +00:00
password: "admin"
2025-11-14 13:34:19 +00:00
# Session expiry in seconds (default: 7 days)
session_max_age: 604800
# API Key Authentication (for external integrations)
# Usage (choose one):
# Authorization: Bearer YOUR_API_KEY
# X-API-Key: YOUR_API_KEY
#
# Generate a secure key with:
# python -c "import secrets; print(secrets.token_hex(32))"
#
# Leave empty to disable API key authentication (only session auth works)
api_key: ""
2025-11-05 16:48:41 +00:00