/
app-qubes-staging.yml
64 lines (53 loc) · 1.55 KB
/
app-qubes-staging.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
---
# Testinfra vars file for app-staigng.
wanted_apache_headers:
X-XSS-Protection: "1; mode=block"
X-Content-Type-Options: nosniff
X-Download-Options: noopen
Content-Security-Policy: "default-src 'none'; script-src 'self'; style-src 'self'; img-src 'self'; font-src 'self';"
securedrop_venv: /opt/venvs/securedrop-app-code
securedrop_venv_bin: "{{ securedrop_venv }}/bin"
securedrop_venv_site_packages: "{{ securedrop_venv }}/lib/python3.5/site-packages"
securedrop_code: /var/www/securedrop
securedrop_data: /var/lib/securedrop
securedrop_user: www-data
app_hostname: app-staging
monitor_hostname: mon-staging
apache_listening_address: 127.0.0.1
apache_source_log: /var/log/apache2/source-error.log
apache_allow_from: 127.0.0.1
dns_server:
- 8.8.8.8
- 8.8.4.4
mon_ip: 10.137.0.51
app_ip: 10.137.0.50
pip_deps:
- name: 'Flask'
version: '1.0.2'
apparmor_complain: []
app_directories:
- /var/www/securedrop
- /var/lib/securedrop
- /var/lib/securedrop/store
- /var/lib/securedrop/keys
- /var/lib/securedrop/tmp
tor_services:
- name: journalistv3
ports:
- "80"
authenticated: yes
version: 3
- name: sourcev3
ports:
- "80"
authenticated: no
version: 3
# Staging permits presence of "source-error.log".
allowed_apache_logfiles:
- /var/log/apache2/access.log
- /var/log/apache2/error.log
- /var/log/apache2/journalist-access.log
- /var/log/apache2/journalist-error.log
- /var/log/apache2/other_vhosts_access.log
- /var/log/apache2/source-error.log
fpf_apt_repo_url: "https://apt-test.freedom.press"