87 lines
4.3 KiB
TOML
87 lines
4.3 KiB
TOML
|
##################################
|
||
|
# trifid-api example config file #
|
||
|
##################################
|
||
|
# trifid-api, an open source reimplementation of the Defined Networking nebula management server.
|
||
|
# Copyright (C) 2023 c0repwn3r
|
||
|
#
|
||
|
# This program is free software: you can redistribute it and/or modify
|
||
|
# it under the terms of the GNU General Public License as published by
|
||
|
# the Free Software Foundation, either version 3 of the License, or
|
||
|
# (at your option) any later version.
|
||
|
#
|
||
|
# This program is distributed in the hope that it will be useful,
|
||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
|
# GNU General Public License for more details.
|
||
|
#
|
||
|
# You should have received a copy of the GNU General Public License
|
||
|
# along with this program. If not, see <https:#www.gnu.org/licenses/>.
|
||
|
|
||
|
# Please read this file in it's entirety to learn what options you do or don't need to change
|
||
|
# to get a functional trifid-api instance.
|
||
|
|
||
|
# What port should the API server listen on?
|
||
|
# e.g. 8000 would mean the server is reachable at localhost:8000.
|
||
|
# You probably don't need to change this.
|
||
|
listen_port = 8000
|
||
|
|
||
|
# What is the postgres connection url to connect to the database?
|
||
|
# Example: postgres://username:password@database_host/database_name
|
||
|
# You absolutely need to change this.
|
||
|
db_url = "postgres://postgres@localhost/trifidapi"
|
||
|
|
||
|
# What is the externally accessible URL of this instance?
|
||
|
# If you are running behind a reverse proxy, or a domain name, or similar,
|
||
|
# you need to set this to the URL that the web UI can make requests to.
|
||
|
# e.g. http://localhost:8000
|
||
|
# Reminder: this ip needs to be internet-accessible.
|
||
|
# You absolutely need to change this.
|
||
|
base = "http://localhost:8000"
|
||
|
|
||
|
# What is the externally accessible URL of the **web ui** for this instance?
|
||
|
# This URL will be used to generate magic links, and needs to be correct.
|
||
|
# You absolutely need to change this.
|
||
|
web_root = "http://localhost:5173"
|
||
|
|
||
|
# How long should magic links be valid for (in seconds)?
|
||
|
# You probably don't need to change this, 86400 (24 hours) is a sane default.
|
||
|
magic_links_valid_for = 86400
|
||
|
|
||
|
# How long should session tokens be valid for (in seconds)?
|
||
|
# This controls how long a user can go without requesting a new "magic link" to re-log-in.
|
||
|
# This is a completley independent timer than `totp_verification_valid_for` - the auth token can (and often will) expire
|
||
|
# while the session token remains completley valid.
|
||
|
# You probably don't need to change this, 86400 (24 hours) is a sane default.
|
||
|
session_tokens_valid_for = 86400
|
||
|
|
||
|
# How long should 2FA authentication be valid for (in seconds)?
|
||
|
# This controls how long a user can remain logged in without having to re-do the 2FA authentication process.
|
||
|
# This is a completley independent timer than `session_tokens_valid_for` - the session token can expire while the 2FA token
|
||
|
# remains completley valid.
|
||
|
# You probably don't need to change this, 3600 (1 hour) is a sane default.
|
||
|
totp_verification_valid_for = 3600
|
||
|
|
||
|
# The per-instance data encryption key to protect sensitive data in the instance.
|
||
|
# YOU ABSOLUTELY NEED TO CHANGE THIS. If you don't change anything else in this file, this should be the one thing you change.
|
||
|
# Reiterating:
|
||
|
# -----
|
||
|
# YOU ABSOLUTELY NEED TO CHANGE THIS VALUE
|
||
|
# -----
|
||
|
# Leaving this at it's default (edd600bcebea461381ea23791b6967c8667e12827ac8b94dc022f189a5dc59a2) is DANGEROUS
|
||
|
# and UNSAFE, and could lead to DATA LEAKS and SECURITY BREACHES.
|
||
|
#
|
||
|
# This should be a 32-byte hex value. Generate it with `openssl rand -hex 32`, or any other tool of your choice.
|
||
|
# If you get "InvalidLength" errors while trying to do anything involving organizations, that indicates that this
|
||
|
# value was improperly generated.
|
||
|
#
|
||
|
# ------- WARNING -------
|
||
|
# DO NOT CHANGE THIS VALUE IN A PRODUCTION INSTANCE.
|
||
|
# CHANGING THIS VALUE WILL RESULT IN PERMANENT, IRREVERSIBLE LOSS OF **ALL** ORGANIZATION DATA IN THE DATABASE.
|
||
|
# IT IS DIRECTLY RESPONSIBLE FOR DECRYPTING ORGANIZATION KEYS.
|
||
|
# ENSURE THAT ORGANIZATIONS FUNCTION PROPERLY BEFORE CREATING A PRODUCTION ORGANIZATION.
|
||
|
# REITERATING: CHANGING THIS VALUE WILL RESULT IN PERMANENT, IRREVIRSIBLE LOSS OF **ALL** ORGANIZATION DATA IN THE DATABASE.
|
||
|
# DO NOT CHANGE THIS VALUE IN A PRODUCTION INSTANCE.
|
||
|
# THERE IS NO GOING BACK.
|
||
|
# ------- WARNING -------
|
||
|
data_key = "edd600bcebea461381ea23791b6967c8667e12827ac8b94dc022f189a5dc59a2"
|