Skip to content
This repository was archived by the owner on Jan 21, 2023. It is now read-only.

Config

Jump to bottom
Victor Brekenfeld edited this page Aug 2, 2016 · 2 revisions

Basic hazel configuration arguments can be given via command line. However no all options are available via command line arguments, as some options need a lot more configuration then it would be feasible to provide through a single line of text. This is why you may provide a configuration file for hazel via it's -c flag.

The config file is toml file, you may read about this format here

Sections

Hazels configuration file features multiple sections, most of them are not required.

backend

  • db_url - Sets the Uri for the postgres server, including the database to use
  • migrations - Sets the folder for the provided database migrations, you can usually leave the default here
  • storage - Sets the folder for storing chocolatey packages.

web

  • max_upload_filesize_mb - Sets the maximum package size allowed to be uploaded
  • resources - Sets the folder for the provided resources like html templates hazel needs

server

  • port - Sets the webservers port

server.https - If provided lets the server host via https instead of http

  • certificate - Path to the certificate
  • key - Path to the private key

log

  • logfile - Sets the path of the logfile to write into. No logfile is created if not provided
  • verbosity - Sets the logging verbosity (0: Error, 1: Warning, 2: Info, 3: Debug, 4: Trace)
  • quiet - Disables logging to stdout/stderr completely

auth

  • superuser_password - Sets the password for the admin superuser account
  • cookie_key - Sets the key for encrypting the web frontends cookie values. (Set this to a random long (e.g. 64 characters) string or leave it free)
  • open_for_registration - Sets if registrations are possible

auth.mail - If this section exists, newly registrated accounts need to confirm their mail address before having any new permissions

  • hostname - Sets the Hostname/IP of the mail server to use
  • port - Sets the port of the mail server to use
  • hello_name - Sets the Helo/Ehlo name to use via SMTP
  • mail_address - Sets the sending mail address for confirmation mails
  • username - Sets the username if necessary
  • password - Sets the password for authentication
  • authentication - May either be CramMD5 or Plain for Authentication (Default Plain)
  • encrypt - Sets if the connection to the mail server shall always be encrypted or never (if unset: try encrypted)
  • utf8 - Sets if the mails should be encoded via UTF8
  • fullname_website - Sets the mails name of the website
  • domain_website - Sets the full domain of the website for the confirmation link

auth.ldap - If this section exists, authentication may be handled (additionally) by a ldap server

  • server_uri - Sets the ldap server uri
  • login_mask - Sets the login mask
  • login_mask_cn_substitution - Sets the substring of login_mask to be replaced by the actual user common_name
  • common_name - Sets the functional account for user search
  • password - Sets the functional accounts user password
  • scope - Sets the search scope for users
  • filter - Sets the filter to find a user given a username
  • filter_username_substitution - Sets the substring of filter to be replaced by the actual provided username
  • fullname_attr - Sets the ldap argument providing the actual common_name / fullname of the user

Full example

[backend]
db_url = "postgres://postgres:postgr3s@localhost/hazel"
migrations = "/usr/share/hazel/migrations/"
storage = "/var/lib/hazel/storage/"

[web]
max_upload_filesize_mb = 10
resources = "/usr/share/hazel/resources/"

[server]
port = 443

[server.https]
certificate = "/var/lib/hazel/cert"
key = "/var/lib/hazel/key.priv"

[log]
logfile = "/var/log/hazel.log"
quiet = false
verbosity = 3

[auth]
superuser_password = "ThisNeedsToBeVerySecure"
cookie_key = "40JXEArhoSfvDeHmkhh2xZF9ODjREQK2AujHRso8zV7tMaX0Pfq7JcnIyTtejGh0" # Please create your own
open_for_registration = true

[auth.ldap]
server_uri = "ldap://ldap.my_domain.org.com"
login_mask = "cn={cn},ou=section,dc=my_domain,dc=org,dc=com"
login_mask_cn_substitution = "{cn}"
common_name = "functional"
password = "functi0nal"
scope = "ou=section,dc=my_domain,dc=org,dc=com"
filter = "(&(objectClass=user)(!(objectClass=computer))(sAMAccountName={user})(memberof=CN=HazelUsers,ou=section,DC=my_domain,DC=org,DC=com))"
filter_username_substitution = "{user}"
fullname_attr = "cn"

Clone this wiki locally