joker
/
packagist


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899
							imports:
    - { resource: config.yml }

doctrine:
    orm:
        metadata_cache_driver: '%doctrine_cache_backend%'
        result_cache_driver:
            type: predis
            cache_provider: predis
        query_cache_driver: '%doctrine_cache_backend%'

doctrine_cache:
    providers:
        predis:
            type: predis
            predis:
                client_id: snc_redis.cache_client

monolog:
    handlers:
        main:
            type:         fingers_crossed
            action_level: error
            handler:      nested
            channels: ['!event']
            excluded_404s:
                - ^/
        nested:
            type:  stream
            path:  '%kernel.logs_dir%/%kernel.environment%.log'
            level: debug
            include_stacktraces: true

snc_redis:
    clients:
        default:
            type: predis
            alias: default
            dsn: '%redis_dsn%'
            options:
                profile: 2.8
        cache:
            type: predis
            alias: cache
            dsn: '%redis_session_dsn%'
            options:
                profile: 2.8
    session:
        client: cache
        ttl: 3600

framework:
    session:
        handler_id: snc_redis.session.handler
        cookie_secure: '%force_ssl%'
    validation:
        cache: '%validation_cache_backend%'

nelmio_security:
    clickjacking:
        paths:
            '^/.*': DENY
    forced_ssl:
        enabled: '%force_ssl%'
        hsts_max_age: 31104000 # 1y
    csp:
        enabled: true
        report_logger_service: logger
        hosts: []
        content_types: []
        enforce:
            browser_adaptive:
                enabled: false
            default-src:
                - 'self'
            script-src:
                - 'self'
                - 'unsafe-inline'
                - 'unsafe-eval'
                - 'https://cdn.jsdelivr.net/'
                - 'https://ssl.google-analytics.com/'
            connect-src:
                - 'self'
                - '*.algolia.net'
                - '*.algolianet.com'
            img-src:
                - 'self'
                - 'https://www.gravatar.com/'
                - 'https://camo.githubusercontent.com/'
                - 'https://ssl.google-analytics.com/'
                - 'http://www.google-analytics.com/'
            style-src:
                - 'self'
                - 'unsafe-inline'
                - 'https://fonts.googleapis.com/'
            font-src:
                - 'self'
                - 'https://fonts.gstatic.com/'
            block-all-mixed-content: true # defaults to false, blocks HTTP content over HTTPS transport