-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathconfig.yml
121 lines (99 loc) · 3.36 KB
/
config.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
# Default options
# WP_OPTION_ADMIN_EMAIL: ''
WP_OPTION_BLOG_PUBLIC: false
FORCE_SSL_ADMIN: true
WP_POST_REVISIONS: 5
# NYCO WordPress Assets integration configuration. These may be different for
# downstream environments. They are required for the Google Integration Suite
# to function properly and can be found in your various Google product settings.
# DATA_LAYER: true
# GOOGLE_ANALYTICS: ''
# GOOGLE_OPTIMIZE_ID: ''
# GOOGLE_TAG_MANAGER: ''
# GOOGLE_TAG_MANAGER_AUTH: ''
# GOOGLE_TAG_MANAGER_PREVIEW: ''
# GOOGLE_TAG_MANAGER_COOKIES: x
# WordPress Query Monitor Plugin Configuration. Enabling the capabilities panel
# and dark mode.
#
# @link https://wordpress.org/plugins/query-monitor/
QM_ENABLE_CAPS_PANEL: true
QM_DARK_MODE: true
# WP Scan Plugin Configuration.
#
# @link https://wordpress.org/plugins/wpscan/
WPSCAN_API_TOKEN: ''
WP_OPTION_WPSCAN_MAIL: ''
WP_OPTION_WPSCAN_INTERVAL: 1
# Occasionally you may wish to disable the plugin or theme editor to prevent
# overzealous users from being able to edit sensitive files and potentially
# crash the site. Disabling these also provides an additional layer of security
# if a hacker gains access to a well-privileged user account.
#
# This must be enabled by support on WP Engine environments.
#
# @link https://wordpress.org/support/article/editing-wp-config-php/#disable-the-plugin-and-theme-editor
DISALLOW_FILE_EDIT: true
# Boilerplate; if using the S3 Uploads plugin to store uploads the
# configuration can be set here.
#
## S3 Uploads Configuration
##
## @link https://github.com/humanmade/S3-Uploads
#
## S3_UPLOADS_BUCKET: ''
## S3_UPLOADS_KEY: ''
## S3_UPLOADS_SECRET: ''
## S3_UPLOADS_REGION: us-east-1
# Boilerplate; if using WPML for translation management this config can
# designate lower environments as testing. Uncomment to set.
#
## Disabling critical communications with translations services for test sites.
##
## @link https://wpml.org/documentation/support/wpml-coding-api/#disabling-critical-communications-with-translations-services-for-test-sites
#
## WPML_ENVIRONMENT: test
# Configuration for WP Headers plugin
#
# @link https://github.com/cityofnewyork/nyco-wp-boilerplate/
WP_HEADERS_DNS_PREFETCH_CONTROL: 'on'
WP_HEADERS_SAMEORIGIN: true # Prevent web pages from being loaded inside iFrame
WP_HEADERS_NOSNIFF: true # Prevent MIME Type sniffing
# Content Security Policy Header
#
# @link https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
# @link https://github.com/cityofnewyork/nyco-wp-boilerplate/
# WP_HEADERS_CSP_STYLE: ''
# WP_HEADERS_CSP_FONT: ''
# WP_HEADERS_CSP_IMG: ''
# WP_HEADERS_CSP_SCRIPT: ''
# WP_HEADERS_CSP_CONNECT: ''
# WP_HEADERS_CSP_FRAME: ''
# WP_HEADERS_CSP_REPORTING: '' # Creating an endpoint for reporting will send violations to this defined URI for debugging
WP_HEADERS_CSP_SEND: false # Setting false will prevent CSP headers from sending at all
# Local environments
development:
WP_SITEURL: http://localhost:8080
WP_HOME: http://localhost:8080
FORCE_SSL_ADMIN: false
WP_OPTION_BLOG_PUBLIC: false
WPML_ENVIRONMENT: test
testing:
WP_SITEURL: http://localhost:8080
WP_HOME: http://localhost:8080
FORCE_SSL_ADMIN: false
WP_OPTION_BLOG_PUBLIC: true
WPML_ENVIRONMENT: test
# Remote environments
test:
WP_SITEURL: ''
WP_HOME: ''
WPML_ENVIRONMENT: test
stage:
WP_SITEURL: ''
WP_HOME: ''
WPML_ENVIRONMENT: test
prod:
WP_SITEURL: ''
WP_HOME: ''
WP_OPTION_BLOG_PUBLIC: true