mirror of https://github.com/zulip/zulip.git
prod_settings_template: Move ALLOWED_HOSTS up and clarify.
This commit is contained in:
Tim Abbott
parent
e208002002
commit
7964408633
|
|
@ -69,9 +69,9 @@ These settings include:
|
|||
|
||||
- `EXTERNAL_HOST`: the user-accessible Zulip domain name for your
|
||||
Zulip installation (aka what users will type in their web
|
||||
browser). This will be the domain for which you have DNS A records
|
||||
pointing to this server and for which you configured SSL
|
||||
certificates. If you plan to use multiple domains, also set
|
||||
browser). This should of course match the DNS name you configured to
|
||||
point to your server and for which you configured SSL certificates.
|
||||
If you plan to use multiple domains, add the others to
|
||||
`ALLOWED_HOSTS`.
|
||||
|
||||
- `ZULIP_ADMINISTRATOR`: the email address of the person or team
|
||||
|
|
|
|||
|
|
@ -9,9 +9,25 @@
|
|||
# sensible default values will be used.
|
||||
|
||||
# The user-accessible Zulip hostname for this installation, e.g.
|
||||
# zulip.example.com
|
||||
# zulip.example.com. This should match what users will put in their
|
||||
# web browser. If you want to allow multiple hostnames, add the rest
|
||||
# to ALLOWED_HOSTS.
|
||||
EXTERNAL_HOST = 'zulip.example.com'
|
||||
|
||||
# A comma-separated list of strings representing the host/domain names
|
||||
# that your users will enter in their browsers to access your Zulip
|
||||
# server. This is a security measure to prevent an attacker from
|
||||
# poisoning caches and triggering password reset emails with links to
|
||||
# malicious hosts by submitting requests with a fake HTTP Host
|
||||
# header. See Django's documentation here:
|
||||
# <https://docs.djangoproject.com/en/1.9/ref/settings/#allowed-hosts>.
|
||||
# Zulip adds 'localhost' and '127.0.0.1' to the list automatically.
|
||||
#
|
||||
# The default should work unless you are using multiple hostnames or
|
||||
# connecting directly to your server's IP address. If this is set
|
||||
# wrong, all requests will get a "Bad Request" error.
|
||||
ALLOWED_HOSTS = [EXTERNAL_HOST]
|
||||
|
||||
# The email address for the person or team who maintain the Zulip
|
||||
# Voyager installation. Will also get support emails. (e.g. zulip-admin@example.com)
|
||||
ZULIP_ADMINISTRATOR = 'zulip-admin@example.com'
|
||||
|
|
@ -106,16 +122,6 @@ DEFAULT_FROM_EMAIL = "Zulip <zulip@example.com>"
|
|||
# Messages sent to this address should not be delivered anywhere.
|
||||
NOREPLY_EMAIL_ADDRESS = "noreply@example.com"
|
||||
|
||||
# A comma-separated list of strings representing the host/domain names
|
||||
# that your users will enter in their browsers to access your Zulip
|
||||
# server. This is a security measure to prevent an attacker from
|
||||
# poisoning caches and triggering password reset emails with links to
|
||||
# malicious hosts by submitting requests with a fake HTTP Host
|
||||
# header. See Django's documentation here:
|
||||
# <https://docs.djangoproject.com/en/1.9/ref/settings/#allowed-hosts>.
|
||||
# Zulip adds 'localhost' to the list automatically.
|
||||
ALLOWED_HOSTS = [EXTERNAL_HOST]
|
||||
|
||||
### OPTIONAL SETTINGS
|
||||
|
||||
# Controls whether session cookies expire when the browser closes
|
||||
|
|
|
|||
Loading…
Reference in New Issue