mailtrain/server/config/default.yaml

328 lines
12 KiB
YAML

# This file is the default config file for Mailtrain. To use a environment specific
# configuration add new file {ENV}.{ext} (eg. production.yaml) to the same folder.
# {ENV} is defined by NODE_ENV environment variable.
#
# Do not modify this file directly, otherwise you might lose your modifications when upgrading
#
# You should only define the options you want to change in your additional config file.
# For example if the only thing you want to change is the port number for the www server
# then your additional config file should look like this:
# # production.yaml
# www:
# port: 80
# Process title visible in monitoring logs and process listing
title: mailtrain
# GDPR related settings (https://en.wikipedia.org/wiki/General_Data_Protection_Regulation)
gdpr:
# If enabled, after a user unsubscribes or complains, his/her data are removed from the subscription.
# Only hashed email remains to prevent resubscription via import
deleteDataAfterUnsubscribe:
enabled: true
secondsAfterUnsubscribe: 86400 # 1 day
# If enabled, after the time below, an entry of a subscriber that unsubscribed or complained
# is completely removed from the subscribers list (including the hashed email)
deleteSubscriptionAfterUnsubscribe:
enabled: true
secondsAfterUnsubscribe: 2592000 # 30 days
# Enabled HTML editors
editors:
- grapesjs
- mosaico
- mosaicoWithFsTemplate
- ckeditor4
- codeeditor
# Default language to use
defaultLanguage: en-US
# Enabled languages
enabledLanguages:
- en-US
- fk-FK
# Inject custom scripts in subscription/layout.mjml.hbs
# customSubscriptionScripts: [/custom/hello-world.js]
# Enable to use Redis session cache or disable if Redis is not installed
redis:
enabled: false
host: localhost
port: 6379
db: 5
# Uncomment if your Redis installation requires a password
# password=""
# If you start out as a root user (eg. if you want to use ports lower than 1000)
# then you can downgrade the user once all services are up and running
#user: mailtrain
#group: mailtrain
# If Mailtrain is started as root, Reports feature drops the privileges of script generating the report to disallow
# any modifications of Mailtrain code and even prohibits reading the production configuration (which contains the MySQL
# password for read/write operations). The roUser/roGroup determines the user to be used
#roUser: nobody
#roGroup: nogroup
log:
# silly|verbose|info|http|warn|error|silent
level: info
www:
# HTTP port to listen on for trusted requests (logged-in users)
trustedPort: 3000
# HTTP port to listen on for sandboxed requests (logged-in users)
sandboxPort: 3003
# HTTP port to listen on for public requests (campaign recipients)
publicPort: 3004
# HTTP interface to listen on
host: 0.0.0.0
# URL base for trusted urls (logged-in users). It must be absolute (starting with http:// or https://). If Mailtrain is served on
# a non-standard port (e.g. 3000), the URL must also specify the port.
trustedUrlBase: http://localhost:3000
# URL base for sandbox urls (logged-in users). It must be absolute (starting with http:// or https://) and contain the sandbox port.
sandboxUrlBase: http://localhost:3003
# URL base for public urls (campaign recipients). It must be absolute (starting with http:// or https://) and contain the sandbox port.
publicUrlBase: http://localhost:3004
# Secret for signing the session ID cookie
secret: a cat
# Session length in seconds when remember me is checked
remember: 2592000 # 30 days
# logger interface for expressjs morgan
log: dev
# Is the server behind a proxy? true/false
# Set this to true if you are serving Mailtrain as a virtual domain through Nginx or Apache
proxy: false
# maximum POST body size
postSize: 2MB
mysql:
host: localhost
user: mailtrain
password: mailtrain
database: mailtrain
# Some installations, eg. MAMP can use a different port (8889)
# MAMP users should also turn on Allow network access to MySQL otherwise MySQL might not be accessible
port: 3306
charset: utf8mb4
# The timezone configured on the MySQL server. This can be 'local', 'Z', or an offset in the form +HH:MM or -HH:MM
# If the MySQL server runs on the same server as Mailtrain, use 'local'
timezone: local
verp:
# Enable to start an MX server that detects bounced messages using VERP
# In most cases you do not want to use it
# Requires root privileges
enabled: false
port: 25
host: 0.0.0.0
ldap:
# enable to use ldap user backend
enabled: false
# method is ldapjs or ldapauth - it chooses the library to be used. If not given, it chooses the one present.
# method: ldapjs
host: localhost
port: 3002
baseDN: ou=users,dc=company
filter: (|(username={{username}})(mail={{username}}))
# Username field in LDAP (uid/cn/username)
uidTag: username
# nameTag identifies the attribute to be used for user's full name
nameTag: username
passwordresetlink:
newUserRole: master
# Global namespace id
newUserNamespaceId: 1
# Use a different user to bind LDAP (final bind DN will be: {{uidTag}}: {{bindUser}},{{baseDN}})
bindUser: name@company.net
bindPassword: mySecretPassword
postfixbounce:
# Enable to allow writing Postfix bounce log to Mailtrain listener
# If enabled, tail mail.log to Mailtrain with the following command:
# tail -f -n +0 /var/log/mail.log | nc localhost 5699 -
enabled: false
port: 5699
# allow connections from localhost only
host: 127.0.0.1
# extra options for nodemailer
nodemailer:
#textEncoding: base64
queue:
# How many parallel sender processes to spawn
processes: 2
cors:
# Allow subscription widgets to be embedded
# origins: ['https://www.example.com']
mosaico:
# Installed templates
fsTemplates:
- key: versafix-1
label: Versafix One
# Inject custom scripts
# customscripts:
# - /mosaico/custom/my-mosaico-plugin.js
grapesjs:
# Installed templates
templates:
- key: demo
label: HTML Template
- key: aves
label: MJML Template
reports:
# The whole reporting functionality can be disabled below if the they are not needed and the DB cannot be
# properly protected.
# Reports rely on custom user defined Javascript snippets defined in the report template. The snippets are run on the
# server when generating a report. As these snippets are stored in the DB, they pose a security risk because they can
# help gaining access to the server if the DB cannot
# be properly protected (e.g. if it is shared with another application with security weaknesses).
# Mailtrain mitigates this problem by running the custom Javascript snippets in a chrooted environment and under a
# DB user that cannot modify the database (see userRO in [mysql] above). However the chrooted environment is available
# only if Mailtrain is started as root. The chrooted environment still does not prevent the custom JS script in
# performing network operations and in generating XSS attacks as part of the report.
# The bottom line is that if people who are creating report templates or have write access to the DB cannot be trusted,
# then it's safer to switch off the reporting functionality below.
enabled: true
testServer:
# Starts a vanity server that redirects all mail to /dev/null
# Mostly needed for local development
enabled: false
port: 5587
mailboxServerPort: 3001
host: 0.0.0.0
username: testuser
password: testpass
logger: false
builtinZoneMTA:
enabled: true
host: localhost
port: 2525
mongo: mongodb://127.0.0.1:27017/zone-mta
redis: redis://localhost:6379/2
log:
level: warn
processes: 2
connections: 5
seleniumWebDriver:
browser: phantomjs
roles:
global:
master:
name: Global Master
admin: true
description: All permissions
permissions: [rebuildPermissions, createJavascriptWithROAccess, manageBlacklist, manageSettings, setupAutomation]
rootNamespaceRole: master
campaignsAdmin:
name: Campaigns Admin
description: Under the namespace in which the user is located, the user has all permissions for managing lists, templates and campaigns and the permission to send to send configurations.
permissions: [setupAutomation]
ownNamespaceRole: campaignsAdmin
nobody:
name: None
description: No permissions
permissions: []
namespace:
master:
name: Master
description: All permissions
permissions: [view, edit, delete, share, createNamespace, createList, createCustomForm, createReport, createReportTemplate, createTemplate, createMosaicoTemplate, createSendConfiguration, createCampaign, manageUsers]
children:
sendConfiguration: [viewPublic, viewPrivate, edit, delete, share, sendWithoutOverrides, sendWithAllowedOverrides, sendWithAnyOverrides]
list: [view, edit, delete, share, viewFields, manageFields, viewSubscriptions, manageSubscriptions, viewSegments, manageSegments, viewImports, manageImports]
customForm: [view, edit, delete, share]
campaign: [view, edit, delete, share, viewFiles, manageFiles, viewAttachments, manageAttachments, viewTriggers, manageTriggers, send, viewStats, fetchRss]
template: [view, edit, delete, share, viewFiles, manageFiles]
report: [view, edit, delete, share, execute, viewContent, viewOutput]
reportTemplate: [view, edit, delete, share, execute]
mosaicoTemplate: [view, edit, delete, share, viewFiles, manageFiles]
namespace: [view, edit, delete, share, createNamespace, createList, createCustomForm, createReport, createReportTemplate, createTemplate, createMosaicoTemplate, createSendConfiguration, createCampaign, manageUsers]
campaignsAdmin:
name: Campaigns Admin
description: Under the namespace in which the user is located, the user has all permissions for managing lists, templates and campaigns and the permission to send to send configurations.
permissions: [view, edit, delete, share, createNamespace, createList, createCustomForm, createReport, createTemplate, createMosaicoTemplate, createCampaign]
children:
sendConfiguration: [viewPublic, sendWithoutOverrides, sendWithAllowedOverrides]
list: [view, edit, delete, share, viewFields, manageFields, viewSubscriptions, manageSubscriptions, viewSegments, manageSegments, viewImports, manageImports]
customForm: [view, edit, delete, share]
campaign: [view, edit, delete, share, viewFiles, manageFiles, viewAttachments, manageAttachments, viewTriggers, manageTriggers, send, viewStats, fetchRss]
template: [view, edit, delete, share, viewFiles, manageFiles]
report: [view, edit, delete, share, execute, viewContent, viewOutput]
reportTemplate: [view, share, execute]
mosaicoTemplate: [view, edit, delete, share, viewFiles, manageFiles]
namespace: [view, edit, delete, share, createNamespace, createList, createCustomForm, createReport, createTemplate, createMosaicoTemplate, createCampaign]
sendConfiguration:
master:
name: Master
description: All permissions
permissions: [viewPublic, viewPrivate, edit, delete, share, sendWithoutOverrides, sendWithAllowedOverrides, sendWithAnyOverrides]
list:
master:
name: Master
description: All permissions
permissions: [view, edit, delete, share, viewFields, manageFields, viewSubscriptions, manageSubscriptions, viewSegments, manageSegments, viewImports, manageImports]
customForm:
master:
name: Master
description: All permissions
permissions: [view, edit, delete, share]
campaign:
master:
name: Master
description: All permissions
permissions: [view, edit, delete, share, viewFiles, manageFiles, viewAttachments, manageAttachments, viewTriggers, manageTriggers, send, viewStats, manageMessages, fetchRss]
rssTrigger:
name: RSS Campaign Trigger
description: Allows triggering a fetch of an RSS campaign
permissions: [fetchRss]
template:
master:
name: Master
description: All permissions
permissions: [view, edit, delete, share, viewFiles, manageFiles]
report:
master:
name: Master
description: All permissions
permissions: [view, edit, delete, share, execute, viewContent, viewOutput]
reportTemplate:
master:
name: Master
description: All permissions
permissions: [view, edit, delete, share, execute]
mosaicoTemplate:
master:
name: Master
description: All permissions
permissions: [view, edit, delete, share, viewFiles, manageFiles]