forked from DefectDojo/godojo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdojoConfig.yml
179 lines (176 loc) · 4.81 KB
/
dojoConfig.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
# Default config for godojo installations
Install:
Version: "1.5.3.1" # Release version of DefectDojo from https://github.com/DefectDojo/django-DefectDojo/releases
SourceInstall: true # If true, a souce code install will be installed overriding the version above ^
SourceBranch: "dev" # The branch to be checked out if SourceInstall is true - HEAD will be checked out
SourceCommit: bc39a2345af1860431633d91615f2c51de1b6cf2 # If there is a value here, the specific commit will be used over the branch ^
Quiet: false # Suppress normal output - only errors will be shown
Trace: true # Turn on the most verbose logging option
Redact: true # Redact sensitive information from the logs
Prompt: false # Prompt for configuration values - NOT IMPLEMENTED YET
Set: "Single Server" # Pre-defined configuration options - NOT IMPLEMENTED YET
Root: "/opt/dojo" # Note: No traiing /
Source: "django-DefectDojo"
Files: "local"
Media: "media"
Static: "static"
App: "dojo"
Sampledata: false
PullSource: true # DEFAULT true
# Venv: install.root
DB:
Engine: "MySQL" # Supported values: SQLite, MySQL, PostgreSQL, MariaDB - CASE sEnSiTiVE!
Local: true
Exists: false
Ruser: "root" # The root aka super user for the database - this and Rpass below REQUIRED for remote and existing DBs
Rpass: "vee0Thoanae1daePooz0ieka" # DB root user is used create Dojo DB configuration for either (1) remote DBs or (2) existing local DBs
Name: "dojodb"
User: "dojodbusr"
Pass: "vee0Thoanae1daePooz0ieka"
Host: "localhost"
Port: 3306
Drop: false
OS:
User: "dojo-srv"
Pass: "wahlieboojoKa8aitheibai3"
Group: "dojo-srv"
Settings:
Dist: "/dojo/settings/settings.dist.py"
File: "/dojo/settings/settings.py"
# Env: "/scripts/common/install-env" - this is no longer needed. vestige of setup.bash
Env: "/dojo/settings/.env.prod"
Admin:
User: "admin"
Pass: "admin"
Email: "admin@localhost"
Settings:
Debug: true # false
Login:
Redirect:
Url: "/"
Django:
Admin:
Enabled: false
Session:
Cookie:
HTTPOnly: true
CSRF:
Cookie:
HTTPOnly: true
Secure: false
Secure:
SSL:
Redirect: false
HSTS:
Include:
Subdomains: false
Seconds: 31536000 # aka 1 year in seconds
Browser:
XSS:
Filter: false
Proxy:
SSL:
Header: false
Time:
Zone: "UTC"
Lang: "en-us"
Wkhtmltopdf: "/usr/local/bin/wkhtmltopdf"
Team:
Name: "Security Team"
Admins: "DefectDojo:dojo@localhost,Admin:admin@localhost"
Port:
Scan:
Contact:
Email: "email@localhost"
Result:
Email:
From: "email@localhost"
External:
Unit:
Email:
List: "['email@localhost']" # List of email addresses like ['email@ex.com'] or ['email@ex.com', 'another@ex.com']
Source:
IP: "127.0.0.1"
Whitenoise: false
Track:
Migrations: false
Test:
Runner: "django.test.runner.DiscoverRunner"
Database:
Name: "test_defectdojo"
URL:
Prefix: ""
Root: "" # Calculated based on install time config
Language:
Code: "en-us"
Site:
ID: 1
Use:
I18N: true
L10N: true
TZ: true
Media:
Root: "" # Calcuated based on install time config
URL: "/media/"
Static:
Root: "" # Calcuated based on install time config
URL: "/static/"
Celery:
Broker:
URL: ""
Scheme: "sqla_sqlite"
User: ""
Password: ""
Host: ""
Port: -1
Path: "/dojo.celerydb.sqlite"
Task:
Ignore:
Result: true
Serializer: "pickle"
Result:
Backend: "django-db"
Expires: 86400
Beat:
Schedule:
Filename: "" # Calculated using DD_INSTALL_FILES + doj.celery.beat.db
Force:
Lowercase:
Tags: true
Max:
Tag:
Length: 25
Database:
Engine: "" # Calcuated based on install time config
Host: "" # Calcuated based on install time config
Name: "" # Calcuated based on install time config
Password: "" # Calcuated based on install time config
Port: "" # Calcuated based on install time config
User: "" # Calcuated based on install time config
Secret:
Key: "." # If unchanged, a random value will be generated at install time
Credential:
AES:
B256:
Key: "." # If unchanged, a random value will be generated at install time
Data:
Upload:
Max:
Memory:
Size: 8388608 # aka 8 mb
Social:
Auth:
Google:
OAUTH2:
Key: ""
Secret: ""
Okta:
OAUTH2:
Key: ""
Secret: ""
API:
URL: ""
Allowed:
Hosts: "localhost,127.0.0.1" # List of IP addresses or host names like ['192.168.1.42'] or ['dojo.ex.com', 'vuln.ex.com']
Email:
URL: "smtp://user@:password@localhost:25"