Sync bridgedb.conf with bridgedb-admin.git (no settings changed).

bridgedb.conf

@@ -8,12 +8,34 @@
 # pretend you're writing Python, and everything will be peachy keen.
 #______________________________________________________________________________
 #
-# This file is part of BridgeDB, a Tor bridge distribution system.
+# Part of BridgeDB, a Tor bridge distribution system.
 #
-# :copyright: (c) 2007-2013, The Tor Project, Inc.
+# :authors: The Tor Project, Inc.
+# :license: This file is freely distributed as part of BridgeDB, see LICENSE
+#           for details.
+# :copyright: (c) 2007-2013 The Tor Project, Inc.
 #             (c) 2007-2013, all sentient entities within the AUTHORS file
-# :license: see LICENSE for licensing information
-#______________________________________________________________________________
+# :version: 0.0.3
+#===============================================================================
+#
+# CHANGELOG:
+# ~~~~~~~~~~ 
+# Changes in version 0.0.3 - 2014-01-17
+#   * UPDATE config from bridgedb.git/bridgedb.conf, without changing any of the
+#     settings.
+#
+# Changes in version 0.0.2 - 2014-01-17
+#   * ADD missing settings, EMAIL_GPG_SIGNING_ENABLED and EMAIL_GPG_SIGNING_KEY.
+#
+# Changes in version 0.0.1 - 2013-08-30
+#   * ADD version of config file in use on ponticum.
+#     - Two config variables, RECAPTCHA_PUB_KEY and RECAPTCHA_PRIV_KEY, have
+#       been removed, they can be found in:
+#       patches/001-bridgedb-conf-recaptcha-vars.patch.
+#   * CLEANUP the config file slightly (such as adding these headers) and
+#     fixing the linewraps. No other variables were touched.
+#
+#===============================================================================
 
 #===========================#
 #  General-purpose options  #
@@ -33,6 +55,10 @@
 # can read it.
 #------------------------------------------------------------------------------
 
+# We chdir to this directory when we start; all files with relative pathnames
+# are created under this directory
+#RUN_IN_DIR = "/srv/bridges.torproject.org/run"
+
 # List of filenames from which we read ``@type bridge-server-descriptor``s, on
 # startup and on SIGHUP.
 BRIDGE_FILES = ["bridge-descriptors"]
@@ -62,9 +88,6 @@ HTTPS_KEY_FILE="privkey.pem"
 # Either a file to log to, or None if we should log to the console.
 LOGFILE = "bridgedb.log"
 
-# File to which we dump bridge pool assignments for statistics.
-ASSIGNMENTS_FILE = "assignments.log"
-
 # File in which to write our pid
 PIDFILE = "bridgedb.pid"
 
@@ -93,7 +116,7 @@ PROXY_LIST_FILES = []
 # Be sure to also see the LOGFILE option above!
 #------------------------------------------------------------------------------
 
-# One of "DEBUG", "INFO", "WARNING", "ERROR"...
+# One of "DEBUG", "INFO", "WARNING", "ERROR", or "FATAL:
 LOGLEVEL = "DEBUG"
 
 # If true, we scrub all potentially identifying information before we log it
@@ -103,10 +126,12 @@ SAFELOGGING = True
 LOGFILE_COUNT = 5
 LOGFILE_ROTATE_SIZE = 10000000
 
-
 # Only consider routers whose purpose matches this string.
 BRIDGE_PURPOSE = "bridge"
 
+# File to which we dump bridge pool assignments for statistics.
+ASSIGNMENTS_FILE = "assignments.log"
+
 # How many clusters do we group IPs in when distributing bridges based on IP?
 # Note that if PROXY_LIST_FILES is set (below), what we actually do here
 # is use one higher than the number here, and the extra cluster is used
@@ -118,7 +143,7 @@ N_IP_CLUSTERS = 4
 FORCE_PORTS = [(443, 1)]
 
 # If possible, always give a certain number of answers with a given flag.
-# Only "stable" is now supported.  This is a list of (flag,minimum) tuples.
+# Only "Stable" is now supported.  This is a list of (flag,minimum) tuples.
 FORCE_FLAGS = [("Stable", 1)]
 
 #-------------------------------
@@ -131,7 +156,7 @@ FORCE_FLAGS = [("Stable", 1)]
 # your SSL certificate and key!
 #------------------------------------------------------------------------------
 
-# Set to ``True`` to enable distribution via HTTP or HTTPS; False otherwise.
+# (boolean) True to enable distribution via HTTP or HTTPS; False otherwise.
 HTTPS_DIST = True
 
 # (string or None) The IP address where we listen for HTTPS connections. If
@@ -141,7 +166,7 @@ HTTPS_BIND_IP = '127.0.0.1'
 # (integer or None) The port to listen on for incoming HTTPS connections.
 HTTPS_PORT = 6789
 
-# How many bridges do we give back in an answer?
+# How many bridges do we give back in an answer (either HTTP or HTTPS)?
 HTTPS_N_BRIDGES_PER_ANSWER = 3
 
 # Should we tell http users about the bridge fingerprints?  Turn this on
@@ -160,14 +185,10 @@ HTTP_UNENCRYPTED_BIND_IP = None
 # (integer or None) The port to listen on for incoming HTTP connections.
 HTTP_UNENCRYPTED_PORT = None
 
-# Same as the ``HTTPS_USE_IP_FROM_FORWARDED_HEADER`` option, but for
+# (boolean) Same as the HTTPS_USE_IP_FROM_FORWARDED_HEADER option, but for
 # unencrypted connections.
 HTTP_USE_IP_FROM_FORWARDED_HEADER = False
 
-# The number of bridges to hand out per response by the unencrypted HTTP
-# distributor
-HTTP_N_BRIDGES_PER_ANSWER = 3
-
 #-------------------------------
 # Email Distribution Options    \
 #------------------------------------------------------------------------------
@@ -181,11 +202,14 @@ HTTP_N_BRIDGES_PER_ANSWER = 3
 # True if we are enabling distribution via Email; false otherwise.
 EMAIL_DIST = True
 
-# What email addresses do we use for outgoing email?  EMAIL_FROM_ADDR goes
-# in the From: line in outgoing headers, and EMAIL_SMTP_FROM_ADDR goes in
-# the MAIL FROM header in outgoing SMTP.
+# What email addresses do we use for outgoing email?
+
+# EMAIL_FROM_ADDR goes in the 'From:' header on outgoing emails:
 EMAIL_FROM_ADDR = "bridges@torproject.org"
+
+# EMAIL_SMTP_FROM_ADDR goes in the 'Mail-From:' header in outgoing SMTP:
 EMAIL_SMTP_FROM_ADDR = "bridges@torproject.org"
+
 EMAIL_SMTP_HOST = "127.0.0.1"
 EMAIL_SMTP_PORT = 25
 
@@ -196,8 +220,8 @@ EMAIL_USERNAME = "bridges"
 EMAIL_DOMAINS = ["gmail.com", "yahoo.com"]
 
 # Map from unofficial domain to canonical domain.
-EMAIL_DOMAIN_MAP = { "mail.google.com" : "gmail.com",
-                     "googlemail.com" : "gmail.com"}
+EMAIL_DOMAIN_MAP = {"mail.google.com": "gmail.com",
+                    "googlemail.com": "gmail.com"}
 
 # Map from canonical domain to list of options for that domain.  Recognized
 # options are:
@@ -206,19 +230,19 @@ EMAIL_DOMAIN_MAP = { "mail.google.com" : "gmail.com",
 #        with the value "pass", then drop the message.
 #
 # Note that unrecognized options are ignored; be sure to spell them right!
-EMAIL_DOMAIN_RULES = { 'gmail.com' : ["ignore_dots", "dkim"],
-                       'yahoo.com' : ["dkim"]}
+EMAIL_DOMAIN_RULES = {'gmail.com': ["ignore_dots", "dkim"],
+                      'yahoo.com': ["dkim"]}
 
 # If there are any IPs in this list, only allow incoming connections from
 # those IPs.
 EMAIL_RESTRICT_IPS = []
 
 # IP and port to listen on for email connections. Debugging only.
-EMAIL_BIND_IP="127.0.0.1"
-EMAIL_PORT=6725
+EMAIL_BIND_IP = "127.0.0.1"
+EMAIL_PORT = 6725
 
 # How many bridges do we give back in an answer?
-EMAIL_N_BRIDGES_PER_ANSWER=3
+EMAIL_N_BRIDGES_PER_ANSWER = 3
 
 # Should we tell http users about the bridge fingerprints?  Turn this on
 # once we have the vidalia/tor interaction fixed for everbody.
@@ -243,7 +267,8 @@ EMAIL_GPG_SIGNING_KEY = 'gnupghome/TESTING.subkeys.sec'
 # it stays there; there is currently no mechanism for changing a bridge's
 # hashring allocation.
 #
-# The bridges are allocated to these groups with the following proportions:
+# Once a bridge is assigned to either of the first two groups, it stays there
+# persistently. The bridges are allocated to these groups in a proportion of
 #
 #     ``HTTPS_SHARE`` : ``EMAIL_SHARE`` : ``RESERVED_SHARE``
 # ------------------------------------------------------------------------------
@@ -264,7 +289,9 @@ RESERVED_SHARE = 2
 # the number of bridges.
 FILE_BUCKETS = {}
 
-# Options related to recaptcha support.
+# Recaptcha Options
+# -----------------
+
 # Enable/Disable recaptcha
 RECAPTCHA_ENABLED = False