The Setting File

The settings file is required to set basic option for your Inboxen instance. It contains some secret information such as the secret_key, you should ensure the permissions are set correctly and also that this file is kept safe as without it sessions, cookie storage and along with other things rely on this will not work 0.

The Inboxen settings file can be located in several places on a system, it will use the first one it finds. Inboxen looks for the files in this order:

  1. The path specified in the environment variable: INBOXEN_CONFIG

  2. ~/.config/inboxen/inboxen.config

  3. inboxen.config in the current working directory

  4. inboxen.config inside the base directory of the Inboxen project

If you’re familiar with Django and would like to use your own settings module, you can set DJANGO_SETTINGS_MODULE in the usual way 1.

Example configuration

This also contains the default values for all configuration values.

admins: []
allowed_hosts: []
cache:
  backend: "django.core.cache.backends.filebased.FileBasedCache"
  location: "inboxen_cache"
  timeout: 300
database:
    host: ""
    name: "inboxen"
    password: ""
    port: ""
    user: ""
debug: false
enable_registration: false
inbox_length: 6
language_code: "en-gb"
media_root: "media_content"
per_user_email_quota: 0
ratelimits:
    inbox:
        count: 100
        window: 1440
    login:
        count: 5
        window: 60
    register:
        count: 5
        window: 30
    single_email:
        count: 100
        window: 60
server_email: "django@localhost"
site_name: "LazyAdmin.com's Inboxen"
source_link: "https://github.com/Inboxen/Inboxen"
static_root: "static_content"
tasks:
    always_eager: false
    broker_url: "amqp://guest:guest@localhost:5672//"
    concurrency: 3
    liberation:
        path: "liberation_store"
        sendfile_backend: "django_sendfile.backends.simple"
time_zone: "UTC"

Minimum Development Configuration

To hit the ground running, the minimum you need to setup a development instance is:

secret_key: something-secret
debug: true

Options

secret_key

This is used as the global salt for cryptographic signing throughout Inboxen. This is security sensitive and should be generated using a random number generator. It’s strongly suggested you use at least 50 characters of numbers, both case characters and symbols from a high entropy source.

admins

This should be pairs of values denoting the name and email address of your admins, like so:

admins:
  - - Me
    - me@example.com
  - - You
    - you@example.com

allowed_hosts

This is a list of domains and/or IPs that Django will serve Inboxen on. There is support for wildcards, the syntax of which can be found in the Django documentation.

debug

Enabling this puts Inboxen into debug mode, this should never be used in a production environment as it exposes the state of some calls in Inboxen including the settings file. This should be used when developing on Inboxen as it allows for tracebacks to be displayed instead of emailed and disables allowed_hosts checking.

enable_registration

A boolean flag which controls if the Inboxen instance permits registration, if disabled the site will not allow new users to be created through the public facing site and disables the links to the registration page.

language_code

This specifies the language code that is used as a fallback when one can’t be detected by Django’s locale middleware (or if the middleware is disabled). This should be set to a standard language ID format 2.

static_root

This specifies where the directory is for serving static files. Django will use this directory to place static files when using:

python manage.py collectstatic

meida_root

This specifies where the directory is for uploading media via the CMS. It should be writable by the Django app.

server_email

The email the server uses when sending emails.

site_name

The name of the site as displayed in page titles.

time_zone

The timezone used for the site, this is used for example when storing dates in the database.

per_user_email_quota

If not 0, this is the maximum number of emails a user can have before they need to delete some. This deletion can be done automatically if the user prefers.

ratelimits

Rate limits control various parts of Inboxen. Each rate limit section has a window (the timeframe a rate limit should be considering) and a count (the maximum number of times whatever that rate limit is protecting can happen with a window).

The following rate limits are available:

inbox

Controls how often a single user can create an inbox. Useful to prevent someone from exhausting all available inboxes.

login

Controls how often a user can try to login. This slows down password guessing attempts, but can block users who genuinely can’t remember their passwords.

register

Controls how often a given IP can register a new account. Prevents circumventing of the inbox ratelimit.

single_email

Controls how often a user can download a single email. This is quite an intense workload for the server, so it is ratelimited to prevent the instance becoming overloaded.

tasks

broker_url

The URL that celery will look at to find tasks and to store results.

concurrency

The number of celery processes to start

liberation

path

Specifies the path where to store the liberation data. This needs to be kept secure as it will contain user data.

sendfile_backend

Which method should be used to accelerate liberation data downloads. This should be a dotted path to the django_sendfile2 backend you wish to use.

database

name

The name of the database.

user

User used when connecting to PostgreSQL.

password

The password used when connecting to PostgreSQL.

host

The host name or IP address to connect to for PostgreSQL.

port

The port to connect to for PostgreSQL.

Cache

backend

The dotted path of the cache module you’d like to use.

timeout

The number of seconds before a cache entry is considered stale.