251 lines
11 KiB
YAML
251 lines
11 KiB
YAML
parameters:
|
|
# Toggles the super user access policy. If your website has at least one user
|
|
# with the Administrator role, it is advised to set this to false. This allows
|
|
# you to make user 1 a regular user, strengthening the security of your site.
|
|
security.enable_super_user: true
|
|
session.storage.options:
|
|
# Default ini options for sessions.
|
|
#
|
|
# Some distributions of Linux (most notably Debian) ship their PHP
|
|
# installations with garbage collection (gc) disabled. Since Drupal depends
|
|
# on PHP's garbage collection for clearing sessions, ensure that garbage
|
|
# collection occurs by using the most common settings.
|
|
# @default 1
|
|
gc_probability: 1
|
|
# @default 100
|
|
gc_divisor: 100
|
|
#
|
|
# Set session lifetime (in seconds), i.e. the grace period for session
|
|
# data. Sessions are deleted by the session garbage collector after one
|
|
# session lifetime has elapsed since the user's last visit. When a session
|
|
# is deleted, authenticated users are logged out, and the contents of the
|
|
# user's session is discarded.
|
|
# @default 200000
|
|
gc_maxlifetime: 200000
|
|
#
|
|
# Set session cookie lifetime (in seconds), i.e. the time from the session
|
|
# is created to the cookie expires, i.e. when the browser is expected to
|
|
# discard the cookie. The value 0 means "until the browser is closed".
|
|
# @default 2000000
|
|
cookie_lifetime: 2000000
|
|
#
|
|
# Drupal automatically generates a unique session cookie name based on the
|
|
# full domain name used to access the site. This mechanism is sufficient
|
|
# for most use-cases, including multi-site deployments. However, if it is
|
|
# desired that a session can be reused across different subdomains, the
|
|
# cookie domain needs to be set to the shared base domain. Doing so assures
|
|
# that users remain logged in as they cross between various subdomains.
|
|
# To maximize compatibility and normalize the behavior across user agents,
|
|
# the cookie domain should start with a dot.
|
|
#
|
|
# Sessions themselves will only be synchronized across subdomains if they
|
|
# are all served from the same Drupal installation or if some other session
|
|
# sharing mechanism is implemented.
|
|
#
|
|
# @default none
|
|
# cookie_domain: '.example.com'
|
|
#
|
|
# Set the SameSite cookie attribute: 'None', 'Lax', or 'Strict'. If set,
|
|
# this value will override the server value. See
|
|
# https://www.php.net/manual/en/session.security.ini.php for more
|
|
# information.
|
|
# @default no value
|
|
cookie_samesite: Lax
|
|
# By default, Drupal generates a session cookie name based on the full
|
|
# domain name. Set the name_suffix to a short random string to ensure this
|
|
# session cookie name is unique on different installations on the same
|
|
# domain and path (for example, when migrating from Drupal 7).
|
|
name_suffix: ''
|
|
twig.config:
|
|
# Twig debugging:
|
|
#
|
|
# When debugging is enabled:
|
|
# - The markup of each Twig template is surrounded by HTML comments that
|
|
# contain theming information, such as template file name suggestions.
|
|
# - Note that this debugging markup will cause automated tests that directly
|
|
# check rendered HTML to fail. When running automated tests, 'debug'
|
|
# should be set to FALSE.
|
|
# - The dump() function can be used in Twig templates to output information
|
|
# about template variables.
|
|
# - Twig templates are automatically recompiled whenever the source code
|
|
# changes (see auto_reload below).
|
|
#
|
|
# For more information about debugging Twig templates, see
|
|
# https://www.drupal.org/node/1906392.
|
|
#
|
|
# Enabling Twig debugging is not recommended in production environments.
|
|
# @default false
|
|
debug: false
|
|
# Twig auto-reload:
|
|
#
|
|
# Automatically recompile Twig templates whenever the source code changes.
|
|
# If you don't provide a value for auto_reload, it will be determined
|
|
# based on the value of debug.
|
|
#
|
|
# Enabling auto-reload is not recommended in production environments.
|
|
# @default null
|
|
auto_reload: null
|
|
# Twig cache:
|
|
#
|
|
# By default, Twig templates will be compiled and stored in the filesystem
|
|
# to increase performance. Disabling the Twig cache will recompile the
|
|
# templates from source each time they are used. In most cases the
|
|
# auto_reload setting above should be enabled rather than disabling the
|
|
# Twig cache.
|
|
#
|
|
# Disabling the Twig cache is not recommended in production environments.
|
|
# @default true
|
|
cache: true
|
|
# File extensions:
|
|
#
|
|
# List of file extensions the Twig system is allowed to load via the
|
|
# twig.loader.filesystem service. Files with other extensions will not be
|
|
# loaded unless they are added here. For example, to allow a file named
|
|
# 'example.partial' to be loaded, add 'partial' to this list. To load files
|
|
# with no extension, add an empty string '' to the list.
|
|
#
|
|
# @default ['css', 'html', 'js', 'svg', 'twig']
|
|
allowed_file_extensions:
|
|
- css
|
|
- html
|
|
- js
|
|
- svg
|
|
- twig
|
|
renderer.config:
|
|
# Renderer required cache contexts:
|
|
#
|
|
# The Renderer will automatically associate these cache contexts with every
|
|
# render array, hence varying every render array by these cache contexts.
|
|
#
|
|
# @default ['languages:language_interface', 'theme', 'user.permissions']
|
|
required_cache_contexts: ['languages:language_interface', 'theme', 'user.permissions']
|
|
# Renderer automatic placeholdering conditions:
|
|
#
|
|
# Drupal allows portions of the page to be automatically deferred when
|
|
# rendering to improve cache performance. That is especially helpful for
|
|
# cache contexts that vary widely, such as the active user. On some sites
|
|
# those may be different, however, such as sites with only a handful of
|
|
# users. If you know what the high-cardinality cache contexts are for your
|
|
# site, specify those here. If you're not sure, the defaults are fairly safe
|
|
# in general.
|
|
#
|
|
# For more information about rendering optimizations see
|
|
# https://www.drupal.org/developing/api/8/render/arrays/cacheability#optimizing
|
|
auto_placeholder_conditions:
|
|
# Max-age at or below which caching is not considered worthwhile.
|
|
#
|
|
# Disable by setting to -1.
|
|
#
|
|
# @default 0
|
|
max-age: 0
|
|
# Cache contexts with a high cardinality.
|
|
#
|
|
# Disable by setting to [].
|
|
#
|
|
# @default ['session', 'user']
|
|
contexts: ['session', 'user']
|
|
# Tags with a high invalidation frequency.
|
|
#
|
|
# Disable by setting to [].
|
|
#
|
|
# @default []
|
|
tags: []
|
|
# Renderer cache debug:
|
|
#
|
|
# Allows cache debugging output for each rendered element.
|
|
#
|
|
# Enabling render cache debugging is not recommended in production
|
|
# environments.
|
|
# @default false
|
|
debug: false
|
|
# Cacheability debugging:
|
|
#
|
|
# Responses with cacheability metadata (CacheableResponseInterface instances)
|
|
# get X-Drupal-Cache-Tags, X-Drupal-Cache-Contexts and X-Drupal-Cache-Max-Age
|
|
# headers.
|
|
#
|
|
# For more information about debugging cacheable responses, see
|
|
# https://www.drupal.org/developing/api/8/response/cacheable-response-interface
|
|
#
|
|
# Enabling cacheability debugging is not recommended in production
|
|
# environments.
|
|
# @default false
|
|
http.response.debug_cacheability_headers: false
|
|
factory.keyvalue: {}
|
|
# Default key/value storage service to use.
|
|
# @default keyvalue.database
|
|
# default: keyvalue.database
|
|
# Collection-specific overrides.
|
|
# state: keyvalue.database
|
|
factory.keyvalue.expirable: {}
|
|
# Default key/value expirable storage service to use.
|
|
# @default keyvalue.database.expirable
|
|
# default: keyvalue.database.expirable
|
|
# Allowed protocols for URL generation.
|
|
filter_protocols:
|
|
- http
|
|
- https
|
|
- ftp
|
|
- news
|
|
- nntp
|
|
- tel
|
|
- telnet
|
|
- mailto
|
|
- irc
|
|
- ssh
|
|
- sftp
|
|
- webcal
|
|
- rtsp
|
|
|
|
# Configure Cross-Site HTTP requests (CORS).
|
|
# Read https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
|
|
# for more information about the topic in general.
|
|
# Note: By default the configuration is disabled.
|
|
cors.config:
|
|
enabled: false
|
|
# Specifies allowed headers and sets the Access-Control-Allow-Headers
|
|
# header. For example, ['X-Custom-Header']. See
|
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
|
|
allowedHeaders: []
|
|
# Specifies allowed request methods and sets the
|
|
# Access-Control-Allow-Methods header. For example, ['POST', 'GET',
|
|
# 'OPTIONS'] or ['*'] to allow all. Note the wildcard is not yet implemented
|
|
# in all browsers. See
|
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods
|
|
allowedMethods: []
|
|
# Configure requests allowed from specific origins and sets the
|
|
# Access-Control-Allow-Origin header. For example,
|
|
# ['https://www.drupal.org'] or ['*'] to allow any origin to access your
|
|
# resource. See
|
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
|
|
allowedOrigins: ['*']
|
|
# Configure requests allowed from origins, matching against regex patterns.
|
|
allowedOriginsPatterns: []
|
|
# Sets the Access-Control-Expose-Headers header. The default is false which
|
|
# means the header will not be set. To set the header use a comma delimited
|
|
# list within square brackets. For example, ['Content-Type', 'Expires'] or
|
|
# ['*'] to expose all headers. Setting exposedHeaders: ['*'] will result in
|
|
# a Access-Control-Expose-Headers: * response header. See
|
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers
|
|
exposedHeaders: false
|
|
# Setting Access-Control-Max-Age header value to '0' or false will omit this
|
|
# from the response. However, setting it to '-1' will explicitly disable
|
|
# caching. For example, setting the value to 600 will cache results of a
|
|
# preflight request for 10 minutes. See
|
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age
|
|
maxAge: false
|
|
# Sets the Access-Control-Allow-Credentials header if set to true. See
|
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
|
|
supportsCredentials: false
|
|
|
|
# The maximum number of entities stored in memory. Lowering this number can
|
|
# reduce the amount of memory used in long-running processes like migrations,
|
|
# however will also increase requests to the database or entity cache backend.
|
|
entity.memory_cache.slots: 1000
|
|
|
|
queue.config:
|
|
# The maximum number of seconds to wait if a queue is temporarily suspended.
|
|
# This is not applicable when a queue is suspended but does not specify
|
|
# how long to wait before attempting to resume.
|
|
suspendMaximumWait: 30
|