# Security TXT Policy Server
Security TXT Policy Server serves `.well-known/security.txt` files.
# Install
## Generic
Run the following command to create a source distribution:
```
python3 setup.py sdist
```
## PyPI
Run the following command to install the package from PyPI:
```
pip3 install security-txt-policy-server
```
# Configure
## App
The following environment variables may be specified:
```
; The app name is used in several places for this app to identify itself (string)
; Default: security-txt-policy-server
APP_NAME=
; The server will bind to this host (string)
; Default: ::1
LISTEN_HOST=
; The server will listen to this port (integer)
; Default: 8080
LISTEN_PORT=
; IP addresses of proxies that are trusted with proxy headers (comma separated list of strings)
; Default: ::1
TRUSTED_PROXY_ADDRESSES=
; The path to your JSON database (string)
; Default: none
DATABASE_PATH=
```
Only `DATABASE_PATH` is required to be set. We recommend setting it to `/var/lib/security-txt-policy-server.json`.
## JSON Database
Find an example JSON database in `security-txt-policy-server.json`.
Properties:
* `domains`. List of domains that this security.txt policy is served for.
* `expires_timestamp`. UNIX timestamp of security.txt 'Expires' field.
* `email_contacts`. (Do not add prefix `mailto:` which is required by security.txt - the server does this.)
* `url_contacts`
* `encryption_key_urls`
* `acknowledgment_urls`
* `preferred_languages`
* `policy_urls`
* `opening_urls`
Find information about these properties on https://securitytxt.org/.
# Usage
## Start
Start Security TXT Policy Server manually with:
```
bin/security-txt-policy-server
```
Find the systemd configuration in `security-txt-policy-server.service`.
## SSL
Use a proxy that terminates SSL. E.g. [HAProxy](http://www.haproxy.org/).
# Tests
Run tests with pytest:
```
DATABASE_PATH=security-txt-policy-server.json pytest tests/
```
The tests must be run from the project root.
Raw data
{
"_id": null,
"home_page": "https://github.com/CyberfusionIO/Security-TXT-Policy-Server",
"name": "security-txt-policy-server",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.6",
"maintainer_email": "",
"keywords": "cyberfusion,starlette",
"author": "William Edwards",
"author_email": "support@cyberfusion.nl",
"download_url": "https://files.pythonhosted.org/packages/3a/6c/e56f27a992d6cd406e73837f0338c2dc5bcefeaa66c67621d6c08d6a3b54/security_txt_policy_server-1.0.2.tar.gz",
"platform": "linux",
"description": "# Security TXT Policy Server\n\nSecurity TXT Policy Server serves `.well-known/security.txt` files.\n\n# Install\n\n## Generic\n\nRun the following command to create a source distribution:\n\n```\npython3 setup.py sdist\n```\n\n## PyPI\n\nRun the following command to install the package from PyPI:\n\n```\npip3 install security-txt-policy-server\n```\n\n# Configure\n\n## App\n\nThe following environment variables may be specified:\n\n```\n; The app name is used in several places for this app to identify itself (string)\n; Default: security-txt-policy-server\nAPP_NAME=\n\n; The server will bind to this host (string)\n; Default: ::1\nLISTEN_HOST=\n\n; The server will listen to this port (integer)\n; Default: 8080\nLISTEN_PORT=\n\n; IP addresses of proxies that are trusted with proxy headers (comma separated list of strings)\n; Default: ::1\nTRUSTED_PROXY_ADDRESSES=\n\n; The path to your JSON database (string)\n; Default: none\nDATABASE_PATH=\n```\n\nOnly `DATABASE_PATH` is required to be set. We recommend setting it to `/var/lib/security-txt-policy-server.json`.\n\n## JSON Database\n\nFind an example JSON database in `security-txt-policy-server.json`.\n\nProperties:\n\n* `domains`. List of domains that this security.txt policy is served for.\n* `expires_timestamp`. UNIX timestamp of security.txt 'Expires' field.\n* `email_contacts`. (Do not add prefix `mailto:` which is required by security.txt - the server does this.)\n* `url_contacts`\n* `encryption_key_urls`\n* `acknowledgment_urls`\n* `preferred_languages`\n* `policy_urls`\n* `opening_urls`\n\nFind information about these properties on https://securitytxt.org/.\n\n# Usage\n\n## Start\n\nStart Security TXT Policy Server manually with:\n\n```\nbin/security-txt-policy-server\n```\n\nFind the systemd configuration in `security-txt-policy-server.service`.\n\n## SSL\n\nUse a proxy that terminates SSL. E.g. [HAProxy](http://www.haproxy.org/).\n\n# Tests\n\nRun tests with pytest:\n\n```\nDATABASE_PATH=security-txt-policy-server.json pytest tests/\n```\n\nThe tests must be run from the project root.\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Security TXT Policy Server serves `.well-known/security.txt` files.",
"version": "1.0.2",
"project_urls": {
"Homepage": "https://github.com/CyberfusionIO/Security-TXT-Policy-Server"
},
"split_keywords": [
"cyberfusion",
"starlette"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "3a6ce56f27a992d6cd406e73837f0338c2dc5bcefeaa66c67621d6c08d6a3b54",
"md5": "6e2be57a450729058ddfa60a40e7dbfc",
"sha256": "4b5dc70764bbbbe51582b4005a2d6bb30ced91002e5dace1ac16b399a3fa4792"
},
"downloads": -1,
"filename": "security_txt_policy_server-1.0.2.tar.gz",
"has_sig": false,
"md5_digest": "6e2be57a450729058ddfa60a40e7dbfc",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 8208,
"upload_time": "2024-01-22T23:01:27",
"upload_time_iso_8601": "2024-01-22T23:01:27.382275Z",
"url": "https://files.pythonhosted.org/packages/3a/6c/e56f27a992d6cd406e73837f0338c2dc5bcefeaa66c67621d6c08d6a3b54/security_txt_policy_server-1.0.2.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-01-22 23:01:27",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "CyberfusionIO",
"github_project": "Security-TXT-Policy-Server",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "security-txt-policy-server"
}
JSON
