config.ini

[fastcgi]
; Listen to TCP port (tcp) or UNIX socket (unix)
mode = tcp
; TCP only: IP address (of an interface) to listen to (for all interfaces, use "all", without quotes)
listen = 127.0.0.1
; TCP only: TCP port to listen on
port = 8000
; UNIX only: path to the socket
path = /etc/nawa/sock.d/nawa.sock
; UNIX only: permissions of the socket (unsigned 32 bit integer) (strtol(mode, 0, 8))
; leave empty for no permission set / 0xffffffffUL
; permissions = 0xffffffffUL ; example from libfastcgipp
;permissions = 0600
permissions =
; UNIX only: owner of the socket
owner = user
; UNIX only: group of the socket
group = user
; set SO_REUSEADDR socket option
; default value: on
reuseaddr = on

[http]
; IP address (of an interface) to listen on
; default value: 127.0.0.1
listen = 127.0.0.1
; TCP port to listen on (for port numbers < 1000, NAWA needs to be started as root)
; default value: 8080
port = 8080
; set SO_REUSEADDR socket option
; default value: on
reuseaddr = on

[privileges]
; user NAWA should run as (if started as root)
user = user
; group NAWA should run as (if started as root)
group = user

[post]
; Maximum post size (in kiB)
; default value: 0
max_size = 1000
; Access to raw post data (requires copying) always possible (always), never (never), or just for non-standard
; content types (nonstandard), i.e., all except application/x-www-form-urlencoded and multipart/form-data
; default value: nonstandard
; possible values: always, nonstandard, never
raw_access = nonstandard

[system]
; Fixed number of threads (fixed) or relative to std::thread::hardware_concurrency (hardware)
; default value: fixed
concurrency = hardware
; number of threads, absolute (fixed concurrency) or relative (threads*hardware_concurrency) (double)
; default value: 1.0
threads = 1.0
; after receiving a SIGTERM, SIGINT, or SIGUSR1, enforce termination (ignoring pending requests) after the given number
; of seconds
; default value: 10
termination_timeout = 10
; Request handler to use
; default value: fastcgi
; possible values: fastcgi, http (the latter one should be used for development purposes only)
request_handler = fastcgi

[application]
; Path to application to load
path = ./build/libnawatest.so

[logging]
; Log level
; default value: informational
; possible values: off, error, warning, informational, debug
level = informational
; Use systemd-style extended log messages in the format {date} {time} {hostname} {process}[{PID}]: {message}
; Turn off when using systemd, as systemd extends them itself.
; Default: off
extended = off

[session]
; Name of the session cookie
; default value: SESSION
cookie_name = SESSION
; For session cookie properties, please note the precedence:
; - (highest) passing a Cookie parameter to Session::start() -> the following 3 cookie_* properties will be ignored
; - properties defined here
; - (lowest) Connection::setCookiePolicy(Cookie)
; -> boolean properties (Secure, HttpOnly): will be set if true/on anywhere,
;    integral properties (SameSite, Max-Age): value with highest precedence that is set will be taken

; Enable this option if session cookies may only be sent via secure (HTTPS) connections. Sessions will not work on
; unencrypted (HTTP) connections if this option is set to on.
; default value: off
cookie_secure = off
; Set this to off if httpOnly attribute should not be set in the cookie (making it modifiable through JS, danger of XSS)
; (not yet supported by all browsers, but at least protects those with a compatible browser)
; default value: on
cookie_httponly = on
; If set to lax, cookie may be sent with some cross-site GET requests, if off, cookie may be sent with all XS requests
; strict is recommended, sending the cookie with XS requests is then prohibited (not yet supported by all browsers)
; default value: strict
; possible values: strict, lax, off
cookie_samesite = strict
; Set this to off if the cookie should not include an explicit Expires and Max-Age property (according to keepalive)
; (the browser will then delete it when it closes)
; WARNING: CookiePolicy sets absolute values for Expires and Max-Age and might make proper session handling impossible,
; therefore, it is recommended to leave this on.
; default value: on
cookie_expires = on
; How many seconds should a session be kept alive (server-side) without being touched by Session::start() or autostart?
; (i.e., in general, the maximum time a user can be inactive without having its session closed)
; Sessions never outlive the runtime of the NAWA process and cannot be set to being "infinite".
; Use a database if you want to implement "permanent sessions"/"stay logged in".
; default value: 1800
keepalive = 3600
; Automatically start a session when a user connects? (on/off)
; Please note that session starting might slow down connections due to the synchronization overhead with other calls.
; We recommend to leave this off and not to start sessions for resources that do not need them,
; such as images, styles, JS, etc.
; default value: off
autostart = off
; Bind sessions to IP addresses, and if yes, what to do in case of an IP mismatch?
; (might cause problems with switching between WiFi and mobile networks, recommended only for security sensitive apps)
; possible values: strict (invalidate session when accessed with different IP), lax (ignore access), off
; default value: off
validate_ip = off
; Probability that the garbage collector will be run while running Session::start() is 1/(gc_divisor).
; default value: 100 (i.e., 1% chance)
gc_divisor = 100

[crypto]
; Cost factor for salt generation for password hashing using the bcrypt algorithm. May be increased on stronger hardware.
; default value: 12
bcrypt_cost = 12