-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathexample.settings.php
More file actions
249 lines (235 loc) · 9.08 KB
/
example.settings.php
File metadata and controls
249 lines (235 loc) · 9.08 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
<?php
/**
* Salt for one-time login links, cancel links, form tokens, etc.
*
* This variable will be set to a random value by the installer. All one-time
* login links will be invalidated if the value is changed. Note that if your
* site is deployed on a cluster of web servers, you must ensure that this
* variable has the same value on each server.
*
* For enhanced security, you may set this variable to the contents of a file
* outside your document root, and vary the value across environments (like
* production and development); you should also ensure that this file is not
* stored with backups of your database.
*
* Example:
* @code
* $settings['hash_salt'] = file_get_contents('/home/example/salt.txt');
* @endcode
*/
$settings['hash_salt'] = getenv('DRUPAL_HASH_SALT');
/**
* Database settings:
*
* The $databases array specifies the database connection or
* connections that Drupal may use. Drupal is able to connect
* to multiple databases, including multiple types of databases,
* during the same request.
*
* One example of the simplest connection array is shown below. To use the
* sample settings, copy and uncomment the code below between the @code and
* @endcode lines and paste it after the $databases declaration. You will need
* to replace the database username and password and possibly the host and port
* with the appropriate credentials for your database system.
*
* The next section describes how to customize the $databases array for more
* specific needs.
*
* @code
* $databases['default']['default'] = [
* 'database' => 'databasename',
* 'username' => 'sql_username',
* 'password' => 'sql_password',
* 'host' => 'localhost',
* 'port' => '3306',
* 'driver' => 'mysql',
* 'prefix' => '',
* 'collation' => 'utf8mb4_general_ci',
* ];
* @endcode
*/
$databases['default']['default'] = [
'database' => getenv('MYSQL_DATABASE'),
'username' => getenv('MYSQL_USER'),
'password' => getenv('MYSQL_PASSWORD'),
'host' => getenv('MYSQL_HOST'),
'port' => getenv('MYSQL_PORT'),
'driver' => 'mysql',
'prefix' => '',
'collation' => 'utf8mb4_unicode_ci',
];
/**
* Access control for update.php script.
*
* If you are updating your Drupal installation using the update.php script but
* are not logged in using either an account with the "Administer software
* updates" permission or the site maintenance account (the account that was
* created during installation), you will need to modify the access check
* statement below. Change the FALSE to a TRUE to disable the access check.
* After finishing the upgrade, be sure to open this file again and change the
* TRUE back to a FALSE!
*/
$settings['update_free_access'] = FALSE;
/**
* Reverse Proxy Configuration:
*
* Reverse proxy servers are often used to enhance the performance
* of heavily visited sites and may also provide other site caching,
* security, or encryption benefits. In an environment where Drupal
* is behind a reverse proxy, the real IP address of the client should
* be determined such that the correct client IP address is available
* to Drupal's logging, statistics, and access management systems. In
* the most simple scenario, the proxy server will add an
* X-Forwarded-For header to the request that contains the client IP
* address. However, HTTP headers are vulnerable to spoofing, where a
* malicious client could bypass restrictions by setting the
* X-Forwarded-For header directly. Therefore, Drupal's proxy
* configuration requires the IP addresses of all remote proxies to be
* specified in $settings['reverse_proxy_addresses'] to work correctly.
*
* Enable this setting to get Drupal to determine the client IP from the
* X-Forwarded-For header. If you are unsure about this setting, do not have a
* reverse proxy, or Drupal operates in a shared hosting environment, this
* setting should remain commented out.
*
* In order for this setting to be used you must specify every possible
* reverse proxy IP address in $settings['reverse_proxy_addresses'].
* If a complete list of reverse proxies is not available in your
* environment (for example, if you use a CDN) you may set the
* $_SERVER['REMOTE_ADDR'] variable directly in settings.php.
* Be aware, however, that it is likely that this would allow IP
* address spoofing unless more advanced precautions are taken.
*/
$settings['reverse_proxy'] = TRUE;
/**
* Reverse proxy addresses.
*
* Specify every reverse proxy IP address in your environment, as an array of
* IPv4/IPv6 addresses or subnets in CIDR notation. This setting is required if
* $settings['reverse_proxy'] is TRUE.
*/
$settings['reverse_proxy_addresses'] = [@$_SERVER['REMOTE_ADDR']];
/**
* Load services definition file.
*/
$settings['container_yamls'][] = $app_root . '/' . $site_path . '/services.yml';
/**
* Trusted host configuration.
*
* Drupal core can use the Symfony trusted host mechanism to prevent HTTP Host
* header spoofing.
*
* To enable the trusted host mechanism, you enable your allowable hosts
* in $settings['trusted_host_patterns']. This should be an array of regular
* expression patterns, without delimiters, representing the hosts you would
* like to allow.
*
* For example:
* @code
* $settings['trusted_host_patterns'] = [
* '^www\.example\.com$',
* ];
* @endcode
* will allow the site to only run from www.example.com.
*
* If you are running multisite, or if you are running your site from
* different domain names (eg, you don't redirect http://www.example.com to
* http://example.com), you should specify all of the host patterns that are
* allowed by your site.
*
* For example:
* @code
* $settings['trusted_host_patterns'] = [
* '^example\.com$',
* '^.+\.example\.com$',
* '^example\.org$',
* '^.+\.example\.org$',
* ];
* @endcode
* will allow the site to run off of all variants of example.com and
* example.org, with all subdomains included.
*
* @see https://www.drupal.org/docs/installing-drupal/trusted-host-settings
*/
$settings['trusted_host_patterns'] = [
];
/**
* The default list of directories that will be ignored by Drupal's file API.
*
* By default ignore node_modules and bower_components folders to avoid issues
* with common frontend tools and recursive scanning of directories looking for
* extensions.
*
* @see \Drupal\Core\File\FileSystemInterface::scanDirectory()
* @see \Drupal\Core\Extension\ExtensionDiscovery::scanDirectory()
*/
$settings['file_scan_ignore_directories'] = [
'node_modules',
'bower_components',
];
/**
* The default number of entities to update in a batch process.
*
* This is used by update and post-update functions that need to go through and
* change all the entities on a site, so it is useful to increase this number
* if your hosting configuration (i.e. RAM allocation, CPU speed) allows for a
* larger number of entities to be processed in a single batch run.
*/
$settings['entity_update_batch_size'] = 50;
/**
* Entity update backup.
*
* This is used to inform the entity storage handler that the backup tables as
* well as the original entity type and field storage definitions should be
* retained after a successful entity update process.
*/
$settings['entity_update_backup'] = TRUE;
/**
* Node migration type.
*
* This is used to force the migration system to use the classic node migrations
* instead of the default complete node migrations. The migration system will
* use the classic node migration only if there are existing migrate_map tables
* for the classic node migrations and they contain data. These tables may not
* exist if you are developing custom migrations and do not want to use the
* complete node migrations. Set this to TRUE to force the use of the classic
* node migrations.
*/
$settings['migrate_node_migrate_type_classic'] = FALSE;
/**
* Location of the site configuration files.
*
* The $settings['config_sync_directory'] specifies the location of file system
* directory used for syncing configuration data. On install, the directory is
* created. This is used for configuration imports.
*
* The default location for this directory is inside a randomly-named
* directory in the public files path. The setting below allows you to set
* its location.
*/
$settings['config_sync_directory'] = dirname($app_root) . '/config';
/**
* State caching.
*
* State caching uses the cache collector pattern to cache all requested keys
* from the state API in a single cache entry, which can greatly reduce the
* amount of database queries. However, some sites may use state with a
* lot of dynamic keys which could result in a very large cache.
*/
$settings['state_cache'] = TRUE;
/**
* Load local development override configuration, if available.
*
* Create a settings.local.php file to override variables on secondary (staging,
* development, etc.) installations of this site.
*
* Typical uses of settings.local.php include:
* - Disabling caching.
* - Disabling JavaScript/CSS compression.
* - Rerouting outgoing emails.
*
* Keep this code block at the end of this file to take full effect.
*/
if (file_exists($app_root . '/' . $site_path . '/settings.local.php')) {
include $app_root . '/' . $site_path . '/settings.local.php';
}