Configuration¶
All the information regarding the system is stored in a configuration file. The default
configuration file is stored in your home directory:
~/.acpy/api.config
but you can specify a different location from the command line
with the -c option.
If no configuration file is found, it will copy an example configuration file in ~/.acpy/api.config
.
The example contains placeholders for all required values.
General settings¶
The following parameters are available as general settings:
Logging settings¶
The following parameters are available for logging:
log_file
specifies the location of the logfile, default is~/.acpy/acpy.log
. If left empty, no log file is generated.max_bytes
is the maximum size of a logfile before it is rotated, default is 2.5MB.backup_count
is the maximum amount of logfiles to keep of max_bytes, default is 5.
The admin account¶
The default admin account behaves as a service account:
access
is the access code for the admin account (analog to username)secret
is the secret code for the admin account (analog to password) the password needs to be passed as sha256.
JWT token settings¶
Users and services request a token by calling the login
service. This service returns a JWT token.
issuer
is the name of the token issuer, this should reflect the URI of the API.secret
is the secret that is used for encoding the token, if left empty the FLASK shared secret is used.lifetime
is the token lifetime in seconds, default is 3600.algorithm
is the encryption algorithm for the token, default is HS256.
Database settings¶
All data is stored in a database, the connection needs to be specified in the configuration. By default we store to memory.
connection
specifies the database connection, default is sqlite://
- example of a mariadb connection:
mysql://scott:tiger@localhost/test
- example of a postgres connection:
postgresql://scott:tiger@localhost/mydatabase
We use SQLAlchemy, so for all options see engines
LDAP settings¶
For authenticating users configure an LDAP compliant connection.
host
ldap server without protocol.port
ldap portssl
secure connectionbase_dn
root for the usersrdn_attr
relative distinguished name (usuallyuid
orcn
)login_attr
what field to use for username.bind_user
user account that has read access on thebase_dn
bind_pass
password forbind_user