forked from MISP/misp-docker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
template.env
156 lines (135 loc) · 4.39 KB
/
template.env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
##
# Build-time variables
##
CORE_TAG=v2.4.194
MODULES_TAG=v2.4.195
PHP_VER=20190902
LIBFAUP_COMMIT=3a26d0a
# PYPY_* vars take precedence over MISP's
# PYPI_REDIS_VERSION="==5.0.*"
# PYPI_LIEF_VERSION=">=0.13.1"
# PYPI_PYDEEP2_VERSION="==0.5.*"
# PYPI_PYTHON_MAGIC_VERSION="==0.4.*"
# PYPI_MISP_LIB_STIX2_VERSION="==3.0.*"
# PYPI_MAEC_VERSION="==4.1.*"
# PYPI_MIXBOX_VERSION="==1.0.*"
# PYPI_CYBOX_VERSION="==2.1.*"
# PYPI_PYMISP_VERSION="==2.4.178"
# CORE_COMMIT takes precedence over CORE_TAG
# CORE_COMMIT=c56d537
# MODULES_COMMIT takes precedence over MODULES_TAG
# MODULES_COMMIT=de69ae3
##
# Run-time variables
##
# Email/username for user #1, defaults to MISP's default ([email protected])
ADMIN_EMAIL=
# name of org #1, default to MISP's default (ORGNAME)
ADMIN_ORG=
# defaults to an automatically generated one
ADMIN_KEY=
# defaults to MISP's default (admin)
ADMIN_PASSWORD=
# defaults to 'passphrase'
GPG_PASSPHRASE=
# defaults to 1 (the admin user)
CRON_USER_ID=
# defaults to 'https://localhost'
BASE_URL=
# store settings in db except those that must stay in config.php. true/false, defaults to false
ENABLE_DB_SETTINGS=
# defines the FQDN of the mail sub-system (defaults to 'mail')
# SMTP_FQDN=
# optional and used by the mail sub-system
SMARTHOST_ADDRESS=
SMARTHOST_PORT=
SMARTHOST_USER=
SMARTHOST_PASSWORD=
SMARTHOST_ALIASES=
# optional comma separated list of IDs of syncservers (e.g. SYNCSERVERS=1)
# For this to work ADMIN_KEY must be set, or AUTOGEN_ADMIN_KEY must be true (default)
SYNCSERVERS=
# note: if you have more than one syncserver, you need to update docker-compose.yml
SYNCSERVERS_1_URL=
SYNCSERVERS_1_NAME=
SYNCSERVERS_1_UUID=
SYNCSERVERS_1_KEY=
# optional and used to set mysql db and credentials
# MYSQL_HOST=
# MYSQL_PORT=
# MYSQL_USER=
# MYSQL_PASSWORD=
# MYSQL_ROOT_PASSWORD=
# MYSQL_DATABASE=
# These variables allows overriding some MISP email values.
# They all default to ADMIN_EMAIL.
# MISP.email, used for notifications. Also used
# for GnuPG.email and GPG autogeneration.
# MISP_EMAIL=
# MISP.contact, the e-mail address that
# MISP should include as a contact address
# for the instance's support team.
# MISP_CONTACT=
# Enable GPG autogeneration (default true)
# AUTOCONF_GPG=true
# Enable admin (user #1) API key autogeneration
# if ADMIN_KEY is not set above (default true)
# AUTOGEN_ADMIN_KEY=true
# Disable IPv6 completely
# DISABLE_IPV6=true
# Disable SSL redirect
# DISABLE_SSL_REDIRECT=true
# Enable OIDC authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/OidcAuth/README.md
# OIDC_ENABLE=true
# OIDC_PROVIDER_URL=
# OIDC_CLIENT_ID=
# OIDC_CLIENT_SECRET=
# OIDC_ROLES_PROPERTY="roles"
# OIDC_ROLES_MAPPING="{\"admin\": \"1\"}"
# OIDC_DEFAULT_ORG=
# Enable LDAP (using the ApacheSecureAuth component) authentication, according to https://github.com/MISP/MISP/issues/6189
# NOTE: Once you enable LDAP authentication with the ApacheSecureAuth component,
# users should not be able to control the HTTP header configured in LDAP_APACHE_ENV
# (e.g. REMOTE_USER), this means you must not allow direct access to MISP.
# NOTE 2: You need to escape special characters twice, e.g., "pass\word" becomes "pass\\\\word".
# LDAP_ENABLE=true
# LDAP_APACHE_ENV="REMOTE_USER"
# LDAP_SERVER="ldap://your_domain_controller"
# LDAP_STARTTLS=true
# LDAP_READER_USER="CN=service_account_name,OU=Users,DC=domain,DC=net"
# LDAP_READER_PASSWORD="password"
# LDAP_DN="OU=Users,DC=domain,DC=net"
# LDAP_SEARCH_FILTER=""
# LDAP_SEARCH_ATTRIBUTE="uid"
# LDAP_FILTER="[\"mail\", \"uid\", \"cn\" ]"
# LDAP_DEFAULT_ROLE_ID="3"
# LDAP_DEFAULT_ORG="1"
# LDAP_EMAIL_FIELD="[\"mail\"]"
# LDAP_OPT_PROTOCOL_VERSION="3"
# LDAP_OPT_NETWORK_TIMEOUT="-1"
# LDAP_OPT_REFERRALS=false
# Enable Azure AD (Entra) authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/AadAuth/README.md
# AAD_ENABLE=true
# AAD_CLIENT_ID=
# AAD_TENANT_ID=
# AAD_CLIENT_SECRET=
# AAD_REDIRECT_URI="https://misp.mydomain.com/users/login"
# AAD_PROVIDER="https://login.microsoftonline.com/"
# AAD_PROVIDER_USER="https://graph.microsoft.com/"
# AAD_MISP_USER="Misp Users"
# AAD_MISP_ORGADMIN="Misp Org Admins"
# AAD_MISP_SITEADMIN="Misp Site Admins"
# AAD_CHECK_GROUPS=false
# Enable the use of a Proxy server
# PROXY_ENABLE=true
# PROXY_HOST=
# PROXY_PORT=
# PROXY_METHOD=
# PROXY_USER=
# PROXY_PASSWORD=
# Enable debugging
# ALWAYS SET THIS TO 0 IN PRODUCTION
# 0 - Debug off (default)
# 1 - Debug on
# 2 - Debug on + SQL dump
# DEBUG=