Improve configurations

Added some missing config values to the production.py.example
config and I did a general clean up/improvement.

I am still not happy with the way you have to configure
FlaskBB though.

flaskbb/configs/default.py

@@ -11,7 +11,6 @@
 """
 import os
 import sys
-import datetime
 
 _VERSION_STR = '{0.major}{0.minor}'.format(sys.version_info)
 
@@ -24,10 +23,26 @@ class DefaultConfig(object):
     _basedir = os.path.join(os.path.abspath(os.path.dirname(os.path.dirname(
                             os.path.dirname(__file__)))))
 
+    # Flask Settings
+    # ------------------------------
+    # There is a whole bunch of more settings available here:
+    # http://flask.pocoo.org/docs/0.11/config/#builtin-configuration-values
     DEBUG = False
     TESTING = False
 
-    # Logs
+    # Server Name
+    # The name and port number of the server.
+    # Required for subdomain support (e.g.: 'myapp.dev:5000') and
+    # URL generation without a request context but with an application context
+    # which we need in order to generate URLs (with the celery application)
+    # Note that localhost does not support subdomains so setting this to
+    # “localhost” does not help.
+    # Example for the FlaskBB forums: SERVER_NAME = "forums.flaskbb.org"
+    #SERVER_NAME =
+
+    # Prefer HTTPS over HTTP
+    PREFERRED_URL_SCHEME = "https"
+
     # If SEND_LOGS is set to True, the admins (see the mail configuration) will
     # recieve the error logs per email.
     SEND_LOGS = False
@@ -37,7 +52,11 @@ class DefaultConfig(object):
     INFO_LOG = "info.log"
     ERROR_LOG = "error.log"
 
-    # Default Database
+    # Database
+    # ------------------------------
+    # For PostgresSQL:
+    #SQLALCHEMY_DATABASE_URI = "postgresql://flaskbb@localhost:5432/flaskbb"
+    # For SQLite:
     SQLALCHEMY_DATABASE_URI = 'sqlite:///' + _basedir + '/' + \
                               'flaskbb.sqlite'
 
@@ -48,15 +67,20 @@ class DefaultConfig(object):
     SQLALCHEMY_ECHO = False
 
     # Security
+    # ------------------------------
     # This is the secret key that is used for session signing.
     # You can generate a secure key with os.urandom(24)
     SECRET_KEY = 'secret key'
 
-    # Protection against form post fraud
+    # You can generate the WTF_CSRF_SECRET_KEY the same way as you have
+    # generated the SECRET_KEY. If no WTF_CSRF_SECRET_KEY is provided, it will
+    # use the SECRET_KEY.
     WTF_CSRF_ENABLED = True
     WTF_CSRF_SECRET_KEY = "reallyhardtoguess"
 
-    # Searching
+    # Full-Text-Search
+    # ------------------------------
+    # This will use the "whoosh_index" directory to store the search indexes
     WHOOSHEE_DIR = os.path.join(_basedir, "whoosh_index", _VERSION_STR)
     # How long should whooshee try to acquire write lock? (defaults to 2)
     WHOOSHEE_WRITER_TIMEOUT = 2
@@ -64,6 +88,7 @@ class DefaultConfig(object):
     WHOOSHEE_MIN_STRING_LEN = 3
 
     # Auth
+    # ------------------------------
     LOGIN_VIEW = "auth.login"
     REAUTH_VIEW = "auth.reauth"
     LOGIN_MESSAGE_CATEGORY = "info"
@@ -90,18 +115,40 @@ class DefaultConfig(object):
     # Default: False
     #REMEMBER_COOKIE_HTTPONLY = False
 
+    # Rate Limiting via Flask-Limiter
+    # -------------------------------
+    # A full list with configuration values is available here:
+    # http://flask-limiter.readthedocs.io/en/stable/#configuration
+
+    # You can choose from:
+    #   memory:// (default)
+    #   redis://host:port
+    #   memcached://host:port
+    # Using the redis storage requires the installation of the redis package,
+    # which will be installed if you enable REDIS_ENABLE while memcached
+    # relies on the pymemcache package.
+    #RATELIMIT_STORAGE_URL = "redis://localhost:6379"
+
     # Caching
+    # ------------------------------
+    # For all available caching types, take a look at the Flask-Cache docs
+    # https://pythonhosted.org/Flask-Caching/#configuring-flask-caching
     CACHE_TYPE = "simple"
+    # For redis:
+    #CACHE_TYPE = "redis"
     CACHE_DEFAULT_TIMEOUT = 60
 
-    ## Captcha
-    RECAPTCHA_ENABLED = False
-    RECAPTCHA_USE_SSL = False
-    RECAPTCHA_PUBLIC_KEY = "your_public_recaptcha_key"
-    RECAPTCHA_PRIVATE_KEY = "your_private_recaptcha_key"
-    RECAPTCHA_OPTIONS = {"theme": "white"}
-
-    ## Mail
+    # Mail
+    # ------------------------------
+    # Google Mail Example
+    #MAIL_SERVER = "smtp.gmail.com"
+    #MAIL_PORT = 465
+    #MAIL_USE_SSL = True
+    #MAIL_USERNAME = "your_username@gmail.com"
+    #MAIL_PASSWORD = "your_password"
+    #MAIL_DEFAULT_SENDER = ("Your Name", "your_username@gmail.com")
+
+    # Local SMTP Server
     MAIL_SERVER = "localhost"
     MAIL_PORT = 25
     MAIL_USE_SSL = False
@@ -112,7 +159,12 @@ class DefaultConfig(object):
     # Where to logger should send the emails to
     ADMINS = ["admin@example.org"]
 
-    # Flask-Redis
+    # Redis
+    # ------------------------------ #
+    # If redis is enabled, it can be used for:
+    #   - Sending non blocking emails via Celery (Task Queue)
+    #   - Caching
+    #   - Rate Limiting
     REDIS_ENABLED = False
     REDIS_URL = "redis://localhost:6379"  # or with a password: "redis://:password@localhost:6379"
     REDIS_DATABASE = 0
@@ -121,6 +173,8 @@ class DefaultConfig(object):
     CELERY_BROKER_URL = 'redis://localhost:6379'
     CELERY_RESULT_BACKEND = 'redis://localhost:6379'
 
+    # FlaskBB Settings
+    # ------------------------------ #
     # URL Prefixes
     FORUM_URL_PREFIX = ""
     USER_URL_PREFIX = "/user"

flaskbb/configs/development.py.example

@@ -3,6 +3,8 @@
     ~~~~~~~~~~~~~~~~~~~~
 
     This is the FlaskBB's development config.
+    An extensive description for all those settings values
+    is available in ``default.py``.
 
     :copyright: (c) 2014 by the FlaskBB Team.
     :license: BSD, see LICENSE for more details.
@@ -15,10 +17,10 @@ class DevelopmentConfig(DefaultConfig):
     # Indicates that it is a dev environment
     DEBUG = True
 
-    # SQLAlchemy connection options
-    # This will create in the applications folder (where manage.py is)
-    # a database named flaskbb.sqlite.
-    #SQLALCHEMY_DATABASE_URI = "postgresql://flaskbb@localhost:5432/flaskbb"
+    # Prefer HTTP for development
+    PREFERRED_URL_SCHEME = "http"
+
+    # Database
     SQLALCHEMY_DATABASE_URI = 'sqlite:///' + DefaultConfig._basedir + '/' + \
                               'flaskbb.sqlite'
 
@@ -30,32 +32,16 @@ class DevelopmentConfig(DefaultConfig):
     WTF_CSRF_ENABLED = True
     WTF_CSRF_SECRET_KEY = "reallyhardtoguess"
 
-    # Recaptcha
-    # To get recaptcha, visit the link below:
-    # https://www.google.com/recaptcha/admin/create
-    # Those keys are only going to work on localhost!
-    RECAPTCHA_ENABLED = True
-    RECAPTCHA_USE_SSL = False
-    RECAPTCHA_PUBLIC_KEY = "6LcZB-0SAAAAAGIddBuSFU9aBpHKDa16p5gSqnxK"
-    RECAPTCHA_PRIVATE_KEY = "6LcZB-0SAAAAAPuPHhazscMJYa2mBe7MJSoWXrUu"
-    RECAPTCHA_OPTIONS = {"theme": "white"}
-
-    # Mail
+    # Redis
+    REDIS_ENABLED = False
+    REDIS_URL = "redis://localhost:6379"
+
     # Local SMTP Server
-    #MAIL_SERVER = "localhost"
-    #MAIL_PORT = 25
-    #MAIL_USE_SSL = False
-    #MAIL_USERNAME = ""
-    #MAIL_PASSWORD = ""
-    #MAIL_DEFAULT_SENDER = "noreply@example.org"
-
-    # Google Mail Example
-    MAIL_SERVER = "smtp.gmail.com"
-    MAIL_PORT = 465
-    MAIL_USE_SSL = True
-    MAIL_USERNAME = "your_username@gmail.com"
-    MAIL_PASSWORD = "your_password"
-    MAIL_DEFAULT_SENDER = ("Your Name", "your_username@gmail.com")
-
-    # The user who should recieve the error logs
+    MAIL_SERVER = "localhost"
+    MAIL_PORT = 25
+    MAIL_USE_SSL = False
+    MAIL_USERNAME = ""
+    MAIL_PASSWORD = ""
+    MAIL_DEFAULT_SENDER = ("FlaskBB Mailer", "noreply@example.org")
+
     ADMINS = ["your_admin_user@gmail.com"]

flaskbb/configs/production.py.example

@@ -1,6 +1,6 @@
 """
-    flaskbb.configs.example
-    ~~~~~~~~~~~~~~~~~~~~
+    flaskbb.configs.production
+    ~~~~~~~~~~~~~~~~~~~~~~~~~~
 
     This is how a production configuration can look like.
 
@@ -11,16 +11,51 @@ from flaskbb.configs.default import DefaultConfig
 
 
 class ProductionConfig(DefaultConfig):
+    # Flask Settings
+    # ------------------------------
+    # There is a whole bunch of more settings available here:
+    # http://flask.pocoo.org/docs/0.11/config/#builtin-configuration-values
+    DEBUG = False
+    TESTING = False
+
+    # Server Name - REQUIRED for Celery/Mailing
+    # The name and port number of the server.
+    # Required for subdomain support (e.g.: 'myapp.dev:5000') and
+    # URL generation without a request context but with an application context
+    # which we need in order to generate URLs (with the celery application)
+    # Note that localhost does not support subdomains so setting this to
+    # “localhost” does not help.
+    # Example for the FlaskBB forums: SERVER_NAME = "forums.flaskbb.org"
+    #SERVER_NAME =
+
+    # Prefer HTTPS over HTTP
+    PREFERRED_URL_SCHEME = "https"
 
-    ## Database
-    # If no SQL service is choosen, it will fallback to sqlite
+    # If SEND_LOGS is set to True, the admins (see the mail configuration) will
+    # recieve the error logs per email.
+    SEND_LOGS = False
+
+    # The filename for the info and error logs. The logfiles are stored at
+    # flaskbb/logs
+    INFO_LOG = "info.log"
+    ERROR_LOG = "error.log"
+
+    # Database
+    # ------------------------------
     # For PostgresSQL:
-    #SQLALCHEMY_DATABASE_URI = "postgresql://localhost/example"
+    #SQLALCHEMY_DATABASE_URI = "postgresql://flaskbb@localhost:5432/flaskbb"
     # For SQLite:
-    #SQLALCHEMY_DATABASE_URI = 'sqlite:///' + DefaultConfig._basedir + '/' + \
-    #                          'flaskbb.sqlite'
+    SQLALCHEMY_DATABASE_URI = 'sqlite:///' + _basedir + '/' + \
+                              'flaskbb.sqlite'
+
+    # This option will be removed as soon as Flask-SQLAlchemy removes it.
+    # At the moment it is just used to suppress the super annoying warning
+    SQLALCHEMY_TRACK_MODIFICATIONS = False
+    # This will print all SQL statements
+    SQLALCHEMY_ECHO = False
 
-    ## Security
+    # Security - IMPORTANT
+    # ------------------------------
     # This is the secret key that is used for session signing.
     # You can generate a secure key with os.urandom(24)
     SECRET_KEY = 'secret key'
@@ -32,33 +67,68 @@ class ProductionConfig(DefaultConfig):
     WTF_CSRF_SECRET_KEY = "reallyhardtoguess"
 
 
-    ## Caching
+    # Full-Text-Search
+    # ------------------------------
+    # This will use the "whoosh_index" directory to store the search indexes
+    WHOOSHEE_DIR = os.path.join(_basedir, "whoosh_index", _VERSION_STR)
+    # How long should whooshee try to acquire write lock? (defaults to 2)
+    WHOOSHEE_WRITER_TIMEOUT = 2
+    # Minimum number of characters for the search (defaults to 3)
+    WHOOSHEE_MIN_STRING_LEN = 3
+
+    # Auth
+    # ------------------------------
+    LOGIN_VIEW = "auth.login"
+    REAUTH_VIEW = "auth.reauth"
+    LOGIN_MESSAGE_CATEGORY = "info"
+    REFRESH_MESSAGE_CATEGORY = "info"
+
+    # The name of the cookie to store the “remember me” information in.
+    # Default: remember_token
+    #REMEMBER_COOKIE_NAME = "remember_token"
+    # The amount of time before the cookie expires, as a datetime.timedelta object.
+    # Default: 365 days (1 non-leap Gregorian year)
+    #REMEMBER_COOKIE_DURATION = datetime.timedelta(days=365)
+    # If the “Remember Me” cookie should cross domains,
+    # set the domain value here (i.e. .example.com would allow the cookie
+    # to be used on all subdomains of example.com).
+    # Default: None
+    #REMEMBER_COOKIE_DOMAIN = None
+    # Limits the “Remember Me” cookie to a certain path.
+    # Default: /
+    #REMEMBER_COOKIE_PATH = "/"
+    # Restricts the “Remember Me” cookie’s scope to secure channels (typically HTTPS).
+    # Default: None
+    #REMEMBER_COOKIE_SECURE = None
+    # Prevents the “Remember Me” cookie from being accessed by client-side scripts.
+    # Default: False
+    #REMEMBER_COOKIE_HTTPONLY = False
+
+    # Rate Limiting via Flask-Limiter
+    # -------------------------------
+    # A full list with configuration values is available here:
+    # http://flask-limiter.readthedocs.io/en/stable/#configuration
+
+    # You can choose from:
+    #   memory:// (default)
+    #   redis://host:port
+    #   memcached://host:port
+    # Using the redis storage requires the installation of the redis package,
+    # which will be installed if you enable REDIS_ENABLE while memcached
+    # relies on the pymemcache package.
+    #RATELIMIT_STORAGE_URL = "redis://localhost:6379"
+
+    # Caching
+    # ------------------------------
     # For all available caching types, take a look at the Flask-Cache docs
-    # https://pythonhosted.org/Flask-Cache/#configuring-flask-cache
+    # https://pythonhosted.org/Flask-Caching/#configuring-flask-caching
     CACHE_TYPE = "simple"
+    # For redis:
+    #CACHE_TYPE = "redis"
     CACHE_DEFAULT_TIMEOUT = 60
 
-
-    ## Captcha
-    # To get recaptcha, visit the link below:
-    # https://www.google.com/recaptcha/admin/create
-    RECAPTCHA_ENABLED = False
-    RECAPTCHA_USE_SSL = False
-    RECAPTCHA_PUBLIC_KEY = "your_public_recaptcha_key"
-    RECAPTCHA_PRIVATE_KEY = "your_private_recaptcha_key"
-    RECAPTCHA_OPTIONS = {"theme": "white"}
-
-
-    ## Mail
-    # Local SMTP Server
-    MAIL_SERVER = "localhost"
-    MAIL_PORT = 25
-    MAIL_USE_SSL = False
-    MAIL_USERNAME = ""
-    MAIL_PASSWORD = ""
-    MAIL_DEFAULT_SENDER = ("FlaskBB Mailer", "noreply@example.org")
-
-
+    # Mail
+    # ------------------------------
     # Google Mail Example
     #MAIL_SERVER = "smtp.gmail.com"
     #MAIL_PORT = 465
@@ -67,40 +137,36 @@ class ProductionConfig(DefaultConfig):
     #MAIL_PASSWORD = "your_password"
     #MAIL_DEFAULT_SENDER = ("Your Name", "your_username@gmail.com")
 
-    # The user who should recieve the error logs
-    #ADMINS = ["your_admin_user@gmail.com"]
-
-
-    ## Error/Info Logging
-    # If SEND_LOGS is set to True, the admins (see the mail configuration) will
-    # recieve the error logs per email.
-    SEND_LOGS = False
-
-    # The filename for the info and error logs. The logfiles are stored at
-    # flaskbb/logs
-    INFO_LOG = "info.log"
-    ERROR_LOG = "error.log"
-
-    # Flask-Redis
+    # Local SMTP Server
+    MAIL_SERVER = "localhost"
+    MAIL_PORT = 25
+    MAIL_USE_SSL = False
+    MAIL_USE_TLS = False
+    MAIL_USERNAME = "noreply@example.org"
+    MAIL_PASSWORD = ""
+    MAIL_DEFAULT_SENDER = ("Default Sender", "noreply@example.org")
+    # Where to logger should send the emails to
+    ADMINS = ["admin@example.org"]
+
+    # Redis
+    # ------------------------------ #
+    # If redis is enabled, it can be used for:
+    #   - Sending non blocking emails via Celery (Task Queue)
+    #   - Caching
+    #   - Rate Limiting
     REDIS_ENABLED = False
-    REDIS_URL = "redis://:password@localhost:6379"
+    REDIS_URL = "redis://localhost:6379"  # or with a password: "redis://:password@localhost:6379"
     REDIS_DATABASE = 0
 
-    # Flask-Limiter
-    # A full list with configuration values is available here:
-    # http://flask-limiter.readthedocs.io/en/stable/#configuration
-
-    # You can choose from:
-    #   memory:// (default)
-    #   redis://host:port
-    #   memcached://host:port
-    # Using the redis storage requires the installation of the redis package,
-    # which will be installed if you enable REDIS_ENABLE while memcached
-    # relies on the pymemcache package.
-    #RATELIMIT_STORAGE_URL = "redis://localhost:6379"
+    # Celery
+    CELERY_BROKER_URL = 'redis://localhost:6379'
+    CELERY_RESULT_BACKEND = 'redis://localhost:6379'
 
-    # URL Prefixes. Only change it when you know what you are doing.
+    # FlaskBB Settings
+    # ------------------------------ #
+    # URL Prefixes
     FORUM_URL_PREFIX = ""
     USER_URL_PREFIX = "/user"
+    MESSAGE_URL_PREFIX = "/message"
     AUTH_URL_PREFIX = "/auth"
     ADMIN_URL_PREFIX = "/admin"