ansible/flaskpaste
1
0
Fork 0
forked from claw/flaskpaste
Code Pull Requests Activity
Files
cf458347ef4c911e8451d8ea2edf4792d3d27244
flaskpaste/examples/flaskpaste.env
Username cf458347ef add systemd service unit and rate limit headers 
Systemd deployment:
- examples/flaskpaste.service with security hardening
- examples/flaskpaste.env with all config options
- README deployment section updated

Rate limit headers (X-RateLimit-*):
- Limit, Remaining, Reset on 201 and 429 responses
- Per-IP tracking with auth multiplier
- api.md documented
2025-12-24 17:51:14 +01:00

49 lines
1.2 KiB
Bash
Raw Blame History

# FlaskPaste environment configuration
# Install: sudo mkdir -p /etc/flaskpaste && sudo cp flaskpaste.env /etc/flaskpaste/env
# Permissions: sudo chmod 600 /etc/flaskpaste/env
# Flask environment
FLASK_ENV=production
# Database path
FLASKPASTE_DB=/opt/flaskpaste/data/pastes.db
# Paste limits
FLASKPASTE_MAX_ANON=3145728
FLASKPASTE_MAX_AUTH=52428800
# Expiry (tiered by authentication level)
FLASKPASTE_EXPIRY_ANON=86400
FLASKPASTE_EXPIRY_UNTRUSTED=604800
FLASKPASTE_EXPIRY_TRUSTED=2592000
# Proof-of-work (set to 0 to disable)
FLASKPASTE_POW_DIFFICULTY=20
FLASKPASTE_POW_TTL=300
# Anti-flood
FLASKPASTE_ANTIFLOOD=1
FLASKPASTE_ANTIFLOOD_THRESHOLD=5
FLASKPASTE_ANTIFLOOD_MAX=28
# Rate limiting
FLASKPASTE_RATE_LIMIT=1
FLASKPASTE_RATE_WINDOW=60
FLASKPASTE_RATE_MAX=10
FLASKPASTE_RATE_AUTH_MULT=5
# Content deduplication
FLASKPASTE_DEDUP_WINDOW=3600
FLASKPASTE_DEDUP_MAX=3
# URL prefix (for reverse proxy path-based routing)
# FLASKPASTE_URL_PREFIX=/paste
# Proxy trust (set shared secret for header validation)
# FLASKPASTE_PROXY_SECRET=your-secret-here
# PKI (uncomment to enable certificate authority)
# FLASKPASTE_PKI_ENABLED=1
# FLASKPASTE_PKI_CA_PASSWORD=change-this-secure-password
# FLASKPASTE_PKI_CERT_DAYS=365
View Git Blame Copy Permalink