Clean up .env configurations
jayjb committed Jan 15, 2024
1 parent c3e6f0b commit e539195
Showing 3 changed files with 90 additions and 45 deletions.
25 changes: 8 additions & 17 deletions README.md
Expand Up @@ -64,17 +64,11 @@ $ sudo pip install -U docker-compose

* We distribute two .env files that will be used for configuration, namely ```switchboard.env.dist``` and ```frontend.env.dist```. You'll need to copy/rename them to ```switchboard.env``` and ```frontend.env``` respectively (this ensures that your configuration doesn't get blown away if you pull changes). Once that is done, you can edit them:

1) Set the `CANARY_PUBLIC_IP` in both configurations to the same public IP used for the external public IP for switchboard which handles the Canarytoken triggers.
1) Please go through both your newly created configuration files, `switchboard.env` and `frontend.env`, and fill in the `Required Settings` section. The `Optional Settings` are not required to work and have sane defaults so don't change them if you don't need to.

2) Set the values for `CANARY_DOMAINS` in ```frontend.env```. These must be domains you own because you will need to add an A record to each `CANARY_DOMAINS` specified pointing the domain towards your docker's public IP.
2) Next decide on which email provider you want to use to send alerts. You will have to decide between `mailgun`, `SMTP` and `sendgrid`. The relevant required details can be found in the relevant `.env` file.

3) [NOTE: This step is only necessary if you want to use PDF tokens] Set the values for `CANARY_NXDOMAINS` in ```frontend.env```. These must be domains you own because you will need to add an NS record to each `CANARY_NXDOMAINS` specified pointing the domain towards your previously specified `CANARY_DOMAINS`.

4) Uncomment 'CANARY_PUBLIC_DOMAIN' in ```switchboard.env``` and set it to one of the domains defined for `CANARY_DOMAINS` in ```frontend.env```(if you do not uncomment and set it, the Public IP will be used).

5) Next decide on which email provider you want to use to send alerts. If you are using Mailgun to send emails, uncomment `CANARY_MAILGUN_DOMAIN_NAME` and `CANARY_MAILGUN_API_KEY` from ```switchboard.env``` and set the values. If you are using Mandrill or Sendgrid instead, uncomment the appropriate API key setting and set it. If using Mailgun's European infrastructure for your Canarytokens Server, you will need to add `CANARY_MAILGUN_BASE_URL=https://api.eu.mailgun.net` to your `switchboard.env`.

6) Generate a single unique WireGuard key seed to set as `CANARY_WG_PRIVATE_KEY_SEED` in both `switchboard.env` and `frontend.env` with the command:
3) Generate a single unique WireGuard key seed to set as `CANARY_WG_PRIVATE_KEY_SEED` in both `switchboard.env` and `frontend.env` with the command:

```
dd bs=32 count=1 if=/dev/urandom 2>/dev/null | base64
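
Review bot: The rewritten steps 1) to 3) no longer tell the operator which DNS records to create. The earlier wording required an A record for every `CANARY_DOMAINS` entry pointing at the server's public IP and an NS record for every `CANARY_NXDOMAINS` entry pointing at a `CANARY_DOMAINS` domain, and "fill in the `Required Settings` section" does not replace that. Keep a short DNS step here, or carry the same text as comments above those keys in `frontend.env.dist`. Two smaller points in the same steps: step 2) should name `switchboard.env` instead of "the relevant `.env` file", since only that template has mail settings, and the hint that Mailgun's European infrastructure needs `CANARY_MAILGUN_BASE_URL=https://api.eu.mailgun.net` is worth keeping because the .dist entry gives no example value.
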
Expand All @@ -90,25 +84,22 @@ dd bs=32 count=1 if=/dev/urandom 2>/dev/null | base64
* frontend.env
```
#These domains are used for general purpose tokens
CANARY_PUBLIC_IP=1.1.1.1
CANARY_DOMAINS=example1.com,example2.com
#These domains are only used for PDF tokens
CANARY_NXDOMAINS=example3.com
#Requires a Google Cloud API key to generate an incident map on the history page with the Maps JavaScript API
#CANARY_GOOGLE_API_KEY=
CANARY_PUBLIC_IP=1.1.1.1
CANARY_WG_PRIVATE_KEY_SEED=vk/GD+frlhve/hDTTSUvqpQ/WsQtioKAri0Rt5mg7dw=
CANARY_GOOGLE_API_KEY=<grab google maps api key>
LOG_FILE=frontend.log
```
* switchboard.env (Example using Mailgun for email)
```
CANARY_PUBLIC_DOMAIN=mydomain.com
LOG_FILE=switchboard.log
CANARY_MAILGUN_DOMAIN_NAME=x.y
CANARY_MAILGUN_API_KEY=zzzzzzzzzz
#CANARY_MANDRILL_API_KEY=
#CANARY_SENDGRID_API_KEY=
CANARY_PUBLIC_IP=1.1.1.1
CANARY_PUBLIC_DOMAIN=my.domain
CANARY_ALERT_EMAIL_FROM_ADDRESS=noreply@example.com
CANARY_ALERT_EMAIL_FROM_DISPLAY="Example Canarytokens"
CANARY_ALERT_EMAIL_SUBJECT="Canarytoken"
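
Review bot: The `frontend.env` example shows `CANARY_WG_PRIVATE_KEY_SEED` with what looks like real output of the `dd ... | base64` command, so a reader who pastes the example block runs with a seed that is published in the README. Replace the value with an obvious placeholder such as `<output of the dd command above>`. The `switchboard.env` example, as far as this hunk shows it, has no `CANARY_WG_PRIVATE_KEY_SEED` line at all, although step 3) says to set it in both files and `switchboard.env.dist` lists it under `Required Settings`; add it there with the same placeholder.
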
33 changes: 25 additions & 8 deletions frontend.env.dist
@@ -1,11 +1,28 @@
CANARY_DOMAINS=localhost
CANARY_NXDOMAINS=yourdomain.com
CANARY_PUBLIC_IP=
# Required Settings
CANARY_PUBLIC_IP= #str
CANARY_DOMAINS=yourdomain.com #list[str]
CANARY_NXDOMAINS=nx.yourdomain.com #list[str]
LOG_FILE=frontend.log #str

#CANARY_GOOGLE_API_KEY=
# Optional Settings (these have sane defaults)
#CANARY_API_APP_TITLE=Canarytokens #str
#CANARY_SENTRY_DSN= #HttpUrl
#CANARY_SENTRY_ENVIRONMENT= # ["prod", "staging", "dev", "ci", "local"]
#CANARY_SENTRY_ENABLE= # bool

CANARY_WEB_IMAGE_UPLOAD_PATH=/uploads
#Enter number so 1024*1024*10 = 10485760
CANARY_MAX_UPLOAD_SIZE=10485760
# upload settings
#CANARY_MAX_UPLOAD_SIZE= #int
#CANARY_WEB_IMAGE_UPLOAD_PATH= #str

LOG_FILE=frontend.log
# log settings
#CANARY_FRONTEND_LOG_SIZE= #int
#CANARY_FRONTEND_LOG_COUNT= #int

# 3rd party settings
#CANARY_AWSID_URL= #str
#CANARY_AZURE_ID_TOKEN_URL= #str
#CANARY_AZURE_ID_TOKEN_AUTH= #str
#CANARY_GOOGLE_API_KEY= #str
#CANARY_EXTEND_EMAIL= #str
#CANARY_EXTEND_PASSWORD= #str
#CANARY_EXTEND_CARD_NAME= #str
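
Review bot: `CANARY_WG_PRIVATE_KEY_SEED` is missing from this template. README step 3) says to set the same seed in both `switchboard.env` and `frontend.env`, and the README's `frontend.env` example includes it, but neither the `Required Settings` block nor the optional blocks here have an entry for it. Add `CANARY_WG_PRIVATE_KEY_SEED=` under `Required Settings`, or correct the README if the frontend no longer reads it. Also, `CANARY_WEB_IMAGE_UPLOAD_PATH=/uploads` and `CANARY_MAX_UPLOAD_SIZE=10485760` go from set values to empty commented-out keys, so the defaults that now apply are not visible anywhere in the template; showing the default after the `=` would keep that information. `CANARY_SENTRY_DSN` is annotated `#HttpUrl` here and `#str` in `switchboard.env.dist`; pick one.
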
77 changes: 57 additions & 20 deletions switchboard.env.dist
@@ -1,20 +1,57 @@
#CANARY_MAILGUN_DOMAIN_NAME=
#CANARY_MAILGUN_API_KEY=
#CANARY_MANDRILL_API_KEY=
#CANARY_SENDGRID_API_KEY=
CANARY_PUBLIC_IP=
#CANARY_PUBLIC_DOMAIN=
CANARY_ALERT_EMAIL_FROM_ADDRESS=
CANARY_ALERT_EMAIL_FROM_DISPLAY=
CANARY_ALERT_EMAIL_SUBJECT=
#CANARY_IPINFO_API_KEY=

CANARY_TOKEN_RETURN=fortune

CANARY_WEB_IMAGE_UPLOAD_PATH=/uploads

LOG_FILE=switchboard.log

# Default protocol to use in notification links. If you don't use LetsEncrypt, set to http
PROTOCOL=https
ERROR_LOG_WEBHOOK=
# Required Settings
CANARY_PUBLIC_DOMAIN= #str
CANARY_WG_PRIVATE_KEY_SEED= #str
LOG_FILE=switchboard.log #str

# Optional Settings (these have sane defaults)
#CANARY_CHANNEL_DNS_IP= #str
#CANARY_CHANNEL_DNS_PORT= #int
#CANARY_CHANNEL_HTTP_PORT= #int
#CANARY_CHANNEL_SMTP_PORT= #int
#CANARY_CHANNEL_MYSQL_PORT= #int
#CANARY_CHANNEL_MTLS_KUBECONFIG_PORT= #int
#CANARY_CHANNEL_WIREGUARD_PORT= #int
#CANARY_SWITCHBOARD_SCHEME= #["https", "http"]
#CANARY_FORCE_HTTPS= #bool
#CANARY_REAL_IP_HEADER= #str

#CANARY_WG_PRIVATE_KEY_N= #str

# Email Alert Settings
#CANARY_ALERT_EMAIL_FROM_ADDRESS= #str
#CANARY_ALERT_EMAIL_FROM_DISPLAY= #str
#CANARY_ALERT_EMAIL_SUBJECT= #str

# Alert Settings
#CANARY_MAX_ALERTS_PER_MINUTE= #int
#CANARY_MAX_ALERT_FAILURES= #int

# 3rd Party Settings
#CANARY_IPINFO_API_KEY= #str

# Mailgun Required Settings
#CANARY_MAILGUN_API_KEY= #str
#CANARY_MAILGUN_BASE_URL= #str
#CANARY_MAILGUN_DOMAIN_NAME= #str

# Sendgrid Required Settings
#CANARY_SENDGRID_API_KEY= #str
#CANARY_SENDGRID_SANDBOX_MODE= #str

# SMTP Required Settings
#CANARY_SMTP_USERNAME= #str
#CANARY_SMTP_PASSWORD= #str
#CANARY_SMTP_SERVER= #str
#CANARY_SMTP_PORT= #str

# Sentry Settings
#CANARY_SENTRY_DSN= #str
#CANARY_SENTRY_ENVIRONMENT= #["prod", "staging", "dev", "ci", "local"]
#CANARY_SENTRY_ENABLE= #bool

# Logging Settings
#CANARY_SWITCHBOARD_LOG_SIZE= #int
#CANARY_SWITCHBOARD_LOG_COUNT= #int
#ERROR_LOG_WEBHOOK= #str

#CANARY_TOKEN_RETURN= #["gif", "fortune"]
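
Review bot: Every key in the new template carries a trailing type annotation on the value line (`CANARY_PUBLIC_DOMAIN= #str`, `#CANARY_SMTP_PASSWORD= #str`), and env-file loaders differ on inline comments: `docker run --env-file`, for one, treats a `#` after the `=` as part of the value. An operator who uncomments a line and types a secret in front of ` #str` can end up with the annotation inside the API key or password, or with a password containing ` #` cut short by a loader that does strip comments. Move the annotations to their own comment line above each key. Separately, the old `PROTOCOL=https` line with its LetsEncrypt note is gone and `#CANARY_SWITCHBOARD_SCHEME=` and `#CANARY_FORCE_HTTPS=` state no default, so the template no longer says whether notification links default to https. `CANARY_SMTP_PORT` is marked `#str` while every other port is `#int`.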
