3. Settings

3.1. General settings

ROOT_URL

The root URL for the application, e.g. https://das.example.com/api/v1.

UI_URL

The URL for the UI, e.g. https://das.example.com/api/v1/ui.

AUDIT_ENABLED

Enable or disable audit logging to a central syslog server, e.g. True.

AUDIT_SERVER

Hostname of the central syslog server, e.g. syslog.

CONTACT_EMAIL

Support email address for e.g. users having trouble logging in.

LOGO_UI

Location of the logo image for the UI. May be a relative path, e.g. /static/images/mgrid_logo.svg if the logo is present in the DAS Docker image, or an absolute URL, e.g. https://das.example.com/logo.png. In the case of an absolute URL, make sure that the CORS settings of the nginx proxy in the Docker image allow this URL.

LOGO_EMAIL

Location of the logo image for emails that are sent out, e.g. https://das.example.com/logo.png. Depending on the mail client that receives the email message, this may show as the actual logo, a broken image or not show up at all. If set to None, the logo will not be included in email messages.

3.2. Security settings

SECRET_KEY

The secret key that is used to authenticate requests to the UI, e.g. secret.

JWT_SECRET_KEY

The JWT secret key that is used to authenticate requests to the management API, e.g. jwt_secret.

AD_URL

An url of the form ‘ldap://ad:389’ that describes the location of the Active Directory. Note that in the query active directory mannerisms are used, so a normal ldap will not suffice.

AD_USER

AD administrator account. This account is used to retrieve user information after login, when the user password is no longer in context and available.

AD_PASSWORD

AD administrator password.

AD_BASE_DN

A base DN of the form ‘dc=mgrid,dc=net’ that is used as the root for all queries.

AD_USER_DOMAIN

A user domain that is added to all user names when they authenticate without a backslash or at sign in the username. Typical example MGRID\

AZURE_AUTHORITY_URL

The url for authentication. This is where the user will be redirected to for logging in. By default https://login.microsoftonline.com/{tenant_id}

AZURE_RESOURCE_URL

The url for identity and group information of the user. By default https://graph.microsoft.com

AZURE_TENANT_ID

Identifier for the Azure tenant.

AZURE_CLIENT_ID

Identifier for the Azure client.

AZURE_CLIENT_SECRET

Secret for the Azure client.

AZURE_REDIRECT_URI

The uri where the user is redirected to when the login was successful. Typical value is https://das/api/v1/auth/azure

DUO_ENABLED

Boolean; set to True to enable, False to disable.

DUO_IKEY

One of the keys needed to interact with the DUO servers.

DUO_SKEY

One of the keys needed to interact with the DUO servers.

DUO_APIHOSTNAME

Hostname of the DUO server to interact with, e.g. api-ffffffff.duosecurity.com.

3.3. Database settings

DB_HOST

The hostname of the application model database, e.g. postgres.

DB_PORT

The port number of the application model database, e.g. 5432.

DB_USER

The username for the application model database, e.g. das.

DB_PASSWORD

The password for the application model database, e.g. secret.

DB_NAME

The name of the application model database, e.g. das.

SQLALCHEMY_DATABASE_URI

The URL of the application model database, e.g. postgresql://das:secret@postgres:5432/das. In the default configuration file, this is built up by the DB_* settings.

3.4. Mail settings

MAIL_SERVER

Hostname of the mailserver, e.g. mail.example.com.

MAIL_PORT

SMTP port of the mailserver, e.g. 25.

MAIL_USERNAME

Username for authentication with the mail server. May be set to None if no authentication is needed.

MAIL_PASSWORD

Password for authentication with the mail server. May be set to None if no authentication is needed.