Configuration reference¶
This page documents all configuration options for the Thumbor image scaling
integration.
Settings are split between the Plone side (plone.pgthumbor)
and the Thumbor side (zodb-pgjsonb-thumborblobloader).
Plone-side settings (plone.pgthumbor)¶
Environment variables¶
Environment variables take precedence over Plone registry settings. When an environment variable is set, the corresponding registry value is ignored.
Variable |
Type |
Default |
Description |
|---|---|---|---|
|
string |
(none) |
Public URL of the Thumbor server (for example, |
|
string |
|
Shared HMAC-SHA1 key for signing Thumbor URLs. Must match the |
|
boolean |
|
Generate unsigned |
If neither PGTHUMBOR_SECURITY_KEY nor PGTHUMBOR_UNSAFE is set,
Thumbor URL generation is disabled and Plone falls back to standard
ZODB-based image scaling.
Plone registry (IThumborSettings)¶
These settings are editable through the Plone control panel
(@@thumbor-settings) and stored in plone.app.registry. Environment
variables override these values when set.
Field |
Type |
Default |
Description |
|---|---|---|---|
|
TextLine |
|
Public URL of the Thumbor server. |
|
TextLine |
|
Shared HMAC-SHA1 key for signing Thumbor URLs. |
|
Bool |
|
Generate unsigned URLs (development only). |
|
Bool |
|
Enable Thumbor smart cropping (OpenCV face/feature detection). Applied to |
|
Bool |
|
Always verify image access with Plone for every request, even for publicly accessible content. When disabled, only non-public images use the authenticated 3-segment URL format. |
Crop providers (ICropProvider)¶
plone.pgthumbor uses a pluggable ICropProvider adapter to look up
explicit crop coordinates before generating Thumbor URLs.
See Write a custom crop provider for details on writing a custom
provider.
Built-in providers:
Provider |
Package |
Registration |
|---|---|---|
|
|
Automatic via conditional ZCML (registered when |
Interface: plone.pgthumbor.interfaces.ICropProvider
Method |
Parameters |
Returns |
|---|---|---|
|
|
|
When a crop provider returns coordinates, the generated Thumbor URL
includes crop instructions and forces fit_in=True, smart=False.
When no provider is registered or the provider returns None, URL
generation proceeds based on the scale mode and smart cropping settings.
Thumbor-side settings (zodb-pgjsonb-thumborblobloader)¶
All Thumbor-side settings are configured in thumbor.conf.
Loader and handler registration¶
Key |
Value |
Description |
|---|---|---|
|
|
Registers the blob loader that reads images from the |
|
|
Registers the auth handler that enforces Plone access control for 3-segment URLs. |
Security¶
Key |
Type |
Default |
Description |
|---|---|---|---|
|
string |
(none) |
Thumbor’s HMAC-SHA1 signing key. Must match |
|
boolean |
|
Accept unsigned |
PostgreSQL connection¶
Key |
Type |
Default |
Description |
|---|---|---|---|
|
string |
(required) |
PostgreSQL connection string (for example, |
|
integer |
|
Minimum number of connections in the async connection pool. |
|
integer |
|
Maximum number of connections in the async connection pool. |
The loader uses psycopg with AsyncConnectionPool.
On first use, it
verifies that the blob_state table exists (created by zodb-pgjsonb).
Disk cache¶
Key |
Type |
Default |
Description |
|---|---|---|---|
|
string |
|
Directory for the local blob cache. Empty string disables caching. |
|
integer |
|
Maximum cache size in bytes. |
Cache filenames are deterministic: {zoid:016x}-{tid:016x}.blob.
Since
blobs are addressed by immutable (zoid, tid) pairs, there is no cache
invalidation concern – only LRU eviction for space management.
S3 storage (optional)¶
When blob data is stored in S3 (instead of or in addition to PG bytea),
the loader falls back to S3 if the data column is NULL and s3_key
is present.
Key |
Type |
Default |
Description |
|---|---|---|---|
|
string |
|
S3 bucket name. Required when blobs use S3 tiering. |
|
string |
|
AWS region for the S3 bucket. |
|
string |
|
Custom S3 endpoint URL (for MinIO or compatible services). Empty uses the default AWS endpoint. |
S3 downloads use boto3 synchronously, wrapped in asyncio.to_thread
for compatibility with Thumbor’s async event loop.
Plone auth handler¶
Key |
Type |
Default |
Description |
|---|---|---|---|
|
string |
|
Internal URL of the Plone site (for example, |
|
integer |
|
Auth result cache lifetime in seconds. Cached per |
Automatic image format conversion¶
Key |
Type |
Default |
Description |
|---|---|---|---|
|
boolean |
|
Automatically convert images to WebP when the browser’s |
|
boolean |
|
Automatically convert images to AVIF when the browser’s |
These are standard Thumbor settings. When enabled, format conversion is transparent – the same signed URL serves different formats based on content negotiation.
Smart cropping (detectors)¶
Key |
Type |
Default |
Description |
|---|---|---|---|
|
list of strings |
|
Thumbor detector modules for |
Detectors run in-process when a URL contains /smart/.
Face detection is tried first; feature detection is used as fallback.
On the Plone side, enable smart_cropping in the registry so URLs include /smart/.
Result storage (optional)¶
Thumbor’s built-in result storage caches the final processed images. This is separate from the blob disk cache (which caches raw originals).
Key |
Type |
Default |
Description |
|---|---|---|---|
|
string |
(none) |
Result storage backend, for example, |
|
string |
(none) |
Directory for file-based result storage. |