6. Configure an instance#
While creating an instance, a configuration file is generated in:
$ (CW_INSTANCES_DIR) / <instance> / <configuration name>.conf
For example:
/etc/cubicweb.d/myblog/all-in-one.conf
It is a simple text file in the INI format (http://en.wikipedia.org/wiki/INI_file). In the following description, each option name is prefixed with its own section and followed by its default value if necessary, e.g. â<section>.<option> [value].â
Note
At runtime, configuration options can be overriden by environments
variables which name follows the option name with -
replaced by _
and a CW_
prefix. For instance CW_BASE_URL=https://www.example.com
would override the base-url
configuration option.
6.1. Configuring the Web server#
- web.auth-model [cookie]
authentication mode, cookie or http
- web.realm
realm of the instance in http authentication mode
- web.http-session-time [0]
period of inactivity of an HTTP session before it closes automatically. Duration in seconds, 0 meaning no expiration (or more exactly at the closing of the browser client)
- main.anonymous-user, main.anonymous-password
login and password to use to connect to the RQL server with HTTP anonymous connection. CWUser account should exist.
- main.base-url
url base site to be used to generate the urls of web pages
6.2. Setting up the web client#
- web.embed-allowed
regular expression matching sites which could be âembeddedâ in the site (controllers âembedâ)
- web.submit-url
url where the bugs encountered in the instance can be mailed to
6.3. RQL server configuration#
- main.host
host name if it can not be detected correctly
- main.pid-file
file where will be written the server pid
- main.uid
user account to use for launching the server when it is root launched by init
- main.session-time [30*60]
timeout of a RQL session
- main.query-log-file
file where all requests RQL executed by the server are written
6.4. Configuring e-mail#
RQL and web server side:
- email.mangle-mails [no]
indicates whether the email addresses must be displayed as is or transformed
RQL server side:
- email.smtp-host [mail]
hostname hosting the SMTP server to use for outgoing mail
- email.smtp-port [25]
SMTP server port to use for outgoing mail
- email.smtp-username
SMTP server username for authenticated email sending
- email.smtp-password
SMTP server password for authenticated email sending
- email.sender-name
name to use for outgoing mail of the instance
- email.sender-addr
address for outgoing mail of the instance
- email.sender-x-cw-header
value of the header X-CW for outgoing mails of the instance
- email.default dest-addrs
destination addresses by default, if used by the configuration of the dissemination of the model (separated by commas)
- email.supervising-addrs
destination addresses of e-mails of supervision (separated by commas)
6.5. Configuring logging#
- main.log-threshold
level of filtering messages (DEBUG, INFO, WARNING, ERROR)
- main.log-file
file to write messages
6.6. Configuring persistent properties#
Other configuration settings are in the form of entities CWProperty in the database. It must be edited via the web interface or by RQL queries.
- ui.encoding
Character encoding to use for the web
- navigation.short-line-size
number of characters for âshortâ display
- navigation.page-size
maximum number of entities to show per results page
- navigation.related-limit
number of related entities to show up on primary entity view
- navigation.combobox-limit
number of entities unrelated to show up on the drop-down lists of the sight on an editing entity view
6.7. Cross-Origin Resource Sharing#
CubicWebâs support for the CORS protocol is provided by the wsgicors middleware at the Pyramid level. For now, the provided implementation only deals with access to a CubicWeb instance as a whole. Support for a finer granularity may be considered in the future.
A few parameters can be set to configure the CORS capabilities of CubicWeb, the values are passed to the wsgicors.CORS() middleware constructor, hence the wsgicors documentation can be used for more details.
- access-control-allow-origin
comma-separated list of allowed origin domains or â*â for any domain
- access-control-allow-methods
comma-separated list of allowed HTTP methods
- access-control-allow-headers
comma-separated list of allowed HTTP custom headers (used in simple requests)
- access-control-expose-headers
comma-separated list of allowed HTTP custom headers (used in preflight requests)
- access-control-max-age
maximum age of cross-origin resource sharing (in seconds)
credentials is always set to true and is not configurable.