###############################################################################
# Welcome to ERP5 / Zope 2.
###############################################################################
#
# This is the ERP5 / Zope configuration file, used as buildout template.

# Directive: instancehome
#
# Description:
#     The path to the data files, local product files, import directory,
#     and Extensions directory used by Zope.
instancehome ${instancehome}

# Directive: ip-address
#
# Description:
#     The default IP address on which Zope's various server protocol
#     implementations will listen for requests. If this is unset, Zope
#     will listen on all IP addresses supported by the machine. This
#     directive can be overridden on a per-server basis in the servers
#     section.
ip-address ${ip-address}

# Directives: servers
#
# Description:
#     A set of sections which allow the specification of Zope's various
#     ZServer servers.  7 different server types may be defined:
#     http-server, ftp-server, webdav-source-server, persistent-cgi,
#     fast-cgi, monitor-server, and icp-server.  If no servers are
#     defined, the default servers are used.
#
#     Ports may be specified using the 'address' directive either in simple
#     form (80) or in complex form including hostname 127.0.0.1:80.  If the
#     hostname is "left off", the default-ip-address is used as the hostname.
#
#     Port numbers are offset by the setting of port-base.
#
#     To run the monitor-server an emergency user must be defined 
#     (through an 'access' file).
#
# Default:
#
#     An HTTP server starts on port 8080.

<http-server>
  # valid keys are "address" and "force-connection-close"
  address ${http-address}
  force-connection-close ${http-force-connection-close}
</http-server>

# TODO in clever way:
#
#  <ftp-server>
#    # valid key is "address"
#    address 8021
#  </ftp-server>
#
#  <webdav-source-server>
#    # valid keys are "address" and "force-connection-close"
#    address 1980
#    force-connection-close off
#  </webdav-source-server>
#
#  <persistent-cgi>
#    # valid key is "path"
#    path somefile
#  </persistent-cgi>
#
#  <fast-cgi>
#    # valid key is "address"; the address may be hostname:port, port,
#    # or a path for a Unix-domain socket
#    address somefile
#  </fast-cgi>
#
#  <monitor-server>
#    # valid keys are "address"
#    address 8099
#  </monitor-server>
#
#  <icp-server>
#    # valid key is "address"
#    address 888
#  </icp-server>

#
# Directive: clienthome
#
# Description:
#     The directory in which a running Zope's process identifier files are
#     placed.
clienthome ${clienthome}

# Directive: products
#
# Description:
#     Name of a directory that contains additional Product packages.  This
#     directive may be used as many times as needed to add additional
#     collections of products.  Each directory identified will be
#     added to the __path__ of the Products package.  All Products are
#     initialized in ascending alphabetical order by product name.  If
#     two products with the same name exist in two Products directories,
#     the order in which the packages appear here defines the load
#     order.  The master Products directory exists in Zope's software home,
#     and cannot be removed from the products path (and should not be added
#     to it here).

# In profile use:
#   ProductLocationX
#   ProductLocationY

${products}

# Directives: port-base
#
# Description:
#     Offset applied to the port numbers used for ZServer
#     configurations.  For example, if the http-server port is 8080 and
#     the port-base is 1000, the HTTP server will listen on port 9080.
#     This makes it easy to change the complete set of ports used by a
#     Zope server process
port-base ${port-base}

# Directive: environment
#
# Description:
#     A section which can be used to define arbitrary key-value pairs
#     for use as environment variables during Zope's run cycle.  It
#     is not recommended to set system-related environment variables such as
#     PYTHONPATH within this section.

# In profile use:
#   <environment>
#     VAR value
#   </environment>
${environment}

# Directive: path
#
# Description:
#     Name of a directory which should be inserted into the
#     the beginning of Python's module search path.  This directive
#     may be specified as many times as needed to insert additional
#     directories.  The set of directories specified is inserted into the
#     beginning of the module search path in the order which they are specified
#     here.  Note that the processing of this directive may happen too late
#     under some circumstances; it is recommended that you use the PYTHONPATH
#     environment variable if using this directive doesn't work for you.
path ${lib_path}

# Directive: debug-mode
#
# Description:
#     A switch which controls several aspects of Zope operation useful for
#     developing under Zope.  When debug mode is on:
#
#     - The process will not detach from the controlling terminal
#
#     - Errors in product initialization will cause startup to fail
#       (instead of writing error messages to the event log file).
#
#     - Filesystem-based scripts such as skins, PageTemplateFiles, and
#       DTMLFiles can be edited while the server is running and the server
#       will detect these changes in real time.  When this switch is
#       off, you must restart the server to see the changes.
#
#     Setting this to 'off' when Zope is in a production environment is
#     encouraged, as it speeds execution (sometimes dramatically).
debug-mode ${debug-mode}

# Directive: effective-user
#
# Description:
#     If you intend to run Zope as the "root" user, you must supply this
#     directive with an effective username or userid number to which Zope
#     will 'suid' after the server ports are bound. This directive only
#     has effect under UNIX and if Zope is started as the root user.
effective-user ${effective-user}

# Directive: enable-product-installation
#
# Description:
#     If this directive is turned on, Zope performs 'product installation'
#     (the registration of Python modules in various Products directories)
#     at startup. Turning this off can speed Zope/ZEO startup time,
#     but it can also cause your Control_Panel Product list to become
#     desynchronized with the contents of your Products
#     directories.  NOTE: Zope *must* be started at least once with
#     this directive set to "on" or you will receive an error.  If using ZEO,
#     at least one ZEO client must be run with this directive set to "on"
#     once, the others can have it turned off.
#     NOTE: If your main storage is mounted read-only,
#     you must set this directive to "off".
enable-product-installation ${enable-product-installation}

# Directive: locale
#
# Description:
#     Enable locale (internationalization) support by supplying a locale
#     name to be used. See your operating system documentation for locale
#     information specific to your system. If your Python module does not
#     support the locale module, or if the requested locale is not
#     supported by your system, an error will be raised and Zope will not
#     start.
locale ${locale}

# Directive: datetime-format
#
# Description:
#     Set this variable either to "us" or "international" to force the
#     DateTime module to parse date strings either with
#     month-before-days-before-year ("us") or
#     days-before-month-before-year ("international").  The default
#     behaviour of DateTime (when this setting is left unset) is to
#     parse dates as US dates.
datetime-format ${datetime-format}

# Directive: zserver-threads
#
# Description:
#     Specify the number of threads that Zope's ZServer web server will use
#     to service requests. The default is 4.
zserver-threads ${zserver-threads}

# Directive: python-check-interval
#
# Description:
#     Specify an integer representing the Python interpreter "check
#     interval" This interval determines how often the interpreter checks
#     for periodic things such as thread switches and signal handlers. The
#     Zope default is 500, but you may want to experiment with other values
#     in order to attempt to increae performance in your particular
#     environment.
python-check-interval ${python-check-interval}

# Directive: zserver-read-only-mode
#
# Description:
#     If this directive is set to 'on', it will cause Zope to inhibit the
#     creation of log files and pid files. Access and event log files will
#     be presented on standard output. Setting this directive 'on' causes
#     pcgi, fastcgi, and daemon-related directives to have no effect.
zserver-read-only-mode ${zserver-read-only-mode}

# Directive: pid-filename
#
# Description:
#     The path to the file in which the Zope process id(s) will be written.
#     This defaults to client-home/Z2.pid.
pid-filename ${pid-filename}

# Directive: lock-filename
#
# Description:
#     The path to a "lock file" which will be locked by Zope while it's
#     running.  This file is used by zopectl.py to determine if Zope is
#     currently running.  This defaults to CLIENT_HOME/Z2.lock.
lock-filename ${lock-filename}

# Directive: mime-types
#
# Description:
#     Tells Zope about additional mime.types files that should be
#     loaded.  The files have the same format as the mime.types file
#     distributed with Apache.  The "mime-types" setting may be given
#     more than once in the configuration file.

# In profile use:
#   mime-types file1
#   mime-types file2
${mime-types}

# Directive: structured-text-header-level
#
# Description:
#     Set the default starting HTML header level for structured text
#     documents. The default is 3, which implies that top-level headers
#     will be created with an <H3> tag.
structured-text-header-level ${structured-text-header-level}

# Directive: rest-input-encoding
#
# Description:
#    Specifies the input encoding of re-StructuredText documents
#    (e.g. 'utf-8', 'iso-8859-15' or any other valid encoding recognized
#    by Python).  The default is your Python's default encoding.
rest-input-encoding ${rest-input-encoding}

# Directive: rest-output-encoding
#
# Description:
#    Specifies the output encoding of re-StructuredText documents
#    (e.g. 'utf-8', 'iso-8859-15' or any other valid encoding recognized
#    by Python).  The default is your Python's default encoding.
rest-output-encoding ${rest-output-encoding}

# Directive: rest-header-level
#
# Description:
#     Set the default starting HTML header level for restructured text
#     documents. The default is 3, which implies that top-level headers
#     will be created with an <H3> tag.
rest-header-level ${rest-header-level}

# Directive: rest-language-code
#
# Description:
#    Language code used for some internal translations inside of the docutils
#    package and for DTD bibliographic elements mapping. See
#    lib/python/docutils/languages/ for a list of supported language codes.
rest-language-code ${rest-language-code}

# Directive: cgi-environment
#
# Description:
#     A section which allows a user to define arbitrary key-value pairs for
#     use as the initial CGI environment variables. This is useful
#     when you want to proxy requests from another web server to Zserver,
#     and would like Zserver's CGI environment to reflect the CGI
#     environment of the other web server.

# In profile set:
#
#   <cgi-environment>
#     HTTPS_SERVER Foobar Server 1.0
#     HTTPS_PORT 443
#   </cgi-environment>
${cgi-environment}

# Directive: dns-server
#
# Description:
#     Specify the IP address of your DNS server in order to cause resolved
#     hostnames to be written to Zope's access log. By default, Zope will
#     not resolve hostnames unless this is set.
dns-server ${dns-server}

# Directive: http-realm
#
# Description:
#     The HTTP "Realm" header value sent by this Zope instance. This value
#     often shows up in basic authentication dialogs.
http-realm ${http-realm}

# Directive: cgi-maxlen
#
# Description:
#     Set this value to limit the amount of form data being processed 
#     by Zope to prevent DoS attacks.
cgi-maxlen ${cgi-maxlen}

# Directive: http-header-max-length
#
# Description:
#     Maximum number of bytes allowed within a HTTP request header. The request
#     is discarded and considered as a DoS attack if the header size exceeds
#     this limit.
http-header-max-length ${http-header-max-length}

# Directive: automatically-quote-dtml-request-data
#
# Description:
#     Set this directive to 'off' in order to disable the autoquoting of
#     implicitly retrieved REQUEST data by DTML code which contains a '<'
#     when used in <dtml-var> construction. When this directive is 'on',
#     all data implicitly retrieved from the REQUEST in DTML (as opposed to
#     addressing REQUEST.somevarname directly) that contains a '<' will be
#     HTML-quoted when interpolated via a <dtml-var> or &dtml- construct. This
#     mitigates the possibility that DTML programmers will leave their
#     sites open to a "client-side trojan" attack.
automatically-quote-dtml-request-data ${automatically-quote-dtml-request-data}

# Directive: trusted-proxy
#
# Description:
#     Define one or more 'trusted-proxies' directives, each of which is a
#     hostname or an IP address.  The set of definitions comprises a list
#     of front-end proxies that are trusted to supply an accurate
#     X-Forwarded-For header to Zope.  If a connection comes from
#     a trusted proxy, Zope will trust any X-Forwarded header to contain
#     the user's real IP address for the purposes of address-based
#     authentication restriction.

# In profile use:
#    trusted-proxy www.example.com
#    trusted-proxy 192.168.1.1
${trusted-proxy}

# Directive: publisher-profile-file
#
# Description:
#    Names a file on the filesystem which causes Zope's Python
#    profiling capabilities to be enabled.  For more information, see
#    the Debug Information - > Profiling tab of Zope's Control_Panel
#    via the Zope Management Interface.  IMPORTANT: setting this
#    filename will cause Zope code to be executed much more slowly
#    than normal.  This should not be enabled in production.
publisher-profile-file ${publisher-profile-file}

# Directive: security-policy-implementation
#
# Description:
#     The default Zope security machinery is implemented in C.  Change
#     this to "python" to use the Python version of the Zope security
#     machinery.  This setting may impact performance but is useful
#     for debugging purposes.  See also the "verbose-security" option
#     below.
security-policy-implementation ${security-policy-implementation}

# Directive: skip-authentication-checking
#
# Description:
#     Set this directive to 'on' to cause Zope to skip checks related
#     to authentication, for servers which serve only anonymous content.
#     Only works if security-policy-implementation is 'C'.
skip-authentication-checking ${skip-authentication-checking}

# Directive: skip-ownership-checking
#
# Description:
#     Set this directive to 'on' to cause Zope to ignore ownership checking
#     when attempting to execute "through the web" code. By default, this
#     directive is on in order to prevent 'trojan horse' security problems
#     whereby a user with less privilege can cause a user with more
#     privilege to execute dangerous code.
skip-ownership-checking ${skip-ownership-checking}

# Directive: verbose-security
#
# Description:
#     By default, Zope reports authorization failures in a terse manner in
#     order to avoid revealing unnecessary information.  This option
#     modifies the Zope security policy to report more information about
#     the reason for authorization failures.  It's designed for debugging.
#     If you enable this option, you must also set the
#     'security-policy-implementation' to 'python'.
verbose-security ${verbose-security}

# Directive: maximum-number-of-session-objects
#
# Description:
#     An integer value representing the number of items to use as a
#     "maximum number of subobjects" value of the
#     '/temp_folder/session_data' transient object container.
maximum-number-of-session-objects ${maximum-number-of-session-objects}

# Directive: session-add-notify-script-path
#
# Description:
#     An optional fill Zope path name of a callable object to be set as the
#     "script to call on object addition" of the sessioN_data transient
#     object container created in the /temp_folder folder at startup.
session-add-notify-script-path ${session-add-notify-script-path}

# Directive: session-delete-notify-script-path
#
# Description:
#     An optional fill Zope path name of a callable object to be set as the
#     "script to call on object deletion" of the sessioN_data transient
#     object container created in the /temp_folder folder at startup.
session-delete-notify-script-path ${session-delete-notify-script-path}

# Directive: session-timeout-minutes
#
# Description:
#     An integer value representing the number of minutes to be used as the
#     "data object timeout" of the '/temp_folder/session_data' transient
#     object container.
session-timeout-minutes ${session-timeout-minutes}

# Directive: session-resolution-seconds
#
# Description:
#    An integer value representing the number of seconds to be used as the
#    "timeout resolution" of the '/temp_folder/session_data' transient
#    object container.
session-resolution-seconds ${session-resolution-seconds}

# Directive: suppress-all-access-rules
#
# Description:
#     If this directive is set to on, no access rules in your Zope site
#     will be executed. This is useful if you "lock yourself out" of a
#     particular part of your site by setting an improper access rule.
suppress-all-access-rules ${suppress-all-access-rules}

# Directive: suppress-all-site-roots
#
# Description:
#     If this directive is set to on, no site roots in your Zope site will
#     be effective. This is useful if you "lock yourself out" of a
#     particular part of your site by setting an improper site root.
suppress-all-site-roots ${suppress-all-site-roots}

# Directive: database-quota-size
#
# Description:
#     Set this directive to an integer in bytes in order to place a hard
#     limit on the size which the default FileStorage-backed Zope database
#     can grow. Additions to the database will not be permitted once this
#     filesize is exceeded.
# In profile use:
#   database-quota-size value
${database-quota-size}

# Directive: read-only-database
#
# Description:
#     This causes the main Zope FileStorage-backed ZODB to be opened in
#     read-only mode.
read-only-database ${read-only-database}

# Directives: logger
#
# Description:
#     This area should define one or more "logger" sections of the
#     names "access", "event", and "trace".  The "access" logger logs
#     Zope server access.  The "event" logger logs Zope event
#     information.  The "trace" logger logs detailed server request
#     information (for debugging purposes only).  Each logger section
#     may contain a "level" name/value pair which indicates the level
#     of logging detail to capture for this logger.  The default level
#     is INFO.  Level may be any of "CRITICAL", 'ERROR", WARN", "INFO",
#     "DEBUG", and "ALL".  Each logger section may additionally contain
#     one or more "handler" sections which indicates a types of log
#     "handlers" (file, syslog, NT event log, etc) to be used for the
#     logger being defined.  There are 5 types of handlers: logfile,
#     syslog, win32-eventlog, http-handler, email-notifier.  Each
#     handler type has its own set of allowable subkeys which define
#     aspects of the handler.  All handler sections also allow for the
#     specification of a "format" (the log message format string), a
#     "dateformat" (the log message format for date strings), and a
#     "level", which has the same semantics of the overall logger
#     level but overrides the logger's level for the handler it's
#     defined upon.  XXXX much more detail necessary here
#
# Default:
#
#     The access log will log to the file <instancehome>/log/Z2.log at
#     level INFO, the event log will log to the file
#     <instancehome>/log/event.log at level INFO, and the trace log
#     will not be written anywhere.

<eventlog>
  level ${eventlog-level}
  <logfile>
    path ${eventlog-path}
  </logfile>
</eventlog>

<logger access>
  level ${access-level}
  <logfile>
    path ${access-path}
    format ${access-format}
  </logfile>
</logger>

# <logger trace>
#   level WARN
#   <logfile>
#     path INSTANCE/log/trace.log
#     format %(message)s
#   </logfile>
# </logger>

# Directive: warnfilter
#
# Description:
#     A section that allows you to define a warning filter.
#     The following keys are valid within a warnfilter section:
#
#      action:  one of the following strings:
#
#           "error"   turn matching warnings into exceptions
#           "ignore"  never print matching warnings
#           "always"  always print matching warnings
#           "default" print the first occurrence of matching warnings
#                     for each location where the warning is issued
#           "module"  print the first occurrence of matching warnings
#                     for each module where the warning is issued
#           "once"    print only the first occurrence of matching
#                     warnings, regardless of location
#
#      message:  a string containing a regular expression that the
#                warning message must match (the match is compiled to
#                always be case-insensitive)
#
#      category: a Python dotted-path classname (must be a subclass of
#                Warning) of which the warning category must be a subclass in
#                order to match
#
#      module:   a string containing a regular expression that the
#                module name must match (the match is compiled to be
#                case-sensitive)
#
#      lineno:   an integer that the line number where the warning
#                occurred must match, or 0 to match all line numbers
#
#     All keys within a warnfilter section are optional.  More than
#     one warnfilter section may be specified.

# In profile use:
#    <warnfilter>
#       action ignore
#       category exceptions.DeprecationWarning
#    </warnfilter>
${warnfilter}

# Directive: max-listen-sockets
#
# Description:
#     The maximum number of sockets that ZServer will attempt to open
#     in order to service incoming connections.
max-listen-sockets ${max-listen-sockets}

# Directive: large-file-threshold
#
# Description:
#     Requests bigger than this size get saved into a temporary file
#     instead of being read completely into memory.
# In profile use:
#   large-file-threshold value
${large-file-threshold}

# Directive: default-zpublisher-encoding
#
# Description:
#     This controls what character set is used to encode unicode
#     data that reaches ZPublisher without any other specified encoding.
default-zpublisher-encoding ${default-zpublisher-encoding}


# Database (zodb_db) section
#
# Description:
#     A database section allows the definition of custom database and
#     storage types.  More than one zodb_db section can be defined.

<zodb_db main>
    # Main FileStorage database
    <filestorage>
      path ${zodb-path}
    </filestorage>
    mount-point /
</zodb_db>

<zodb_db temporary>
    # Temporary storage database (for sessions)
    <temporarystorage>
      name temporary storage for sessioning
    </temporarystorage>
    mount-point /temp_folder
    container-class Products.TemporaryFolder.TemporaryContainer
</zodb_db>

# Timeserver to have ticks in zope
%import timerserver
<timer-server>
  interval ${timer-server-interval}
</timer-server>