Console Configuration¶
Console can be configured using either a YAML configuration file (config.yml) or environment variables (.env). Both methods allow you to customize the behavior of the Console application.
Using config.yml¶
When you first run the Console, a config.yml file is generated and stored in the config/ directory, located in the same directory as the Console executable. You can stop the Console, edit the config.yml file, and then restart the Console to apply the changes.
Alternatively, you can also download the config.yml file from GitHub or create your own configuration file, edit the YAML content, and then use the config flag to run the Console console.exe -config /path/to/config.yml.
Using .env Variables¶
Console can also be configured using environment variables. These .env variables take precedence over the corresponding settings in the config.yml file, effectively overwriting them.
Configuration Variables¶
.env Variable Name |
config.yml Variable Name |
Default | Description |
|---|---|---|---|
| APP_NAME | app.name | console | Name of the application. |
| APP_REPO | app.repo | open-amt-cloud-toolkit/console | Repository path of the application. |
| APP_ENCRYPTION_KEY | app.encryption_key | No Value | A 32-character long encryption key is automatically generated by Console if not provided by the user. This key is used to encrypt and protect sensitive data stored in SQLite DB. |
| AUTH_DISABLED | auth.disabled | false |
When set to true, this will disable authentication for the Console. During the Beta release, the Console UI will not be accessible if this is set to true. |
| AUTH_ADMIN_USERNAME | auth.adminUsername | standalone |
Admin username for accessing Console. |
| AUTH_ADMIN_PASSWORD | auth.adminPassword | G@ppm0ym |
Admin password for accessing Console. |
| AUTH_JWT_KEY | auth.jwtKey | your_secret_jwt_key |
Secret key for JWT token generation. |
| AUTH_JWT_EXPIRATION | auth.jwtExpiration | 24h0m0s |
This setting determines the default expiration time for JWT tokens used for Console login sessions. It controls how long a user's login session will remain valid. |
| AUTH_REDIRECTION_JWT_EXPIRATION | auth.redirectionJWTExpiration | 5m0s |
This setting determines the expiration time for redirection JWT tokens, which are used for features like KVM, SOL, and IDER. It controls how long these redirection sessions will remain valid. |
| AUTH_CLIENT_ID | auth.clientId | No Value | A unique identifier assigned to the application by the OAuth2/OIDC provider. This is used by the authorization server to recognize the client making authentication requests. |
| AUTH_ISSUER | auth.issuer | No Value | The entity that issued the authentication tokens. This is typically the URL of the authorization server and is used to validate tokens and discover relevant OAuth2/OIDC endpoints. |
| HTTP_HOST | http.host | localhost |
By default, Console listens only on localhost, restricting network access. For now, it's recommended to keep Console accessible only from localhost until HTTPS is available to ensure secure access. |
| HTTP_PORT | http.port | 8181 |
This is the port on which the Console HTTP server will listen. Users will access the Console UI through this port in their browser. |
| HTTP_ALLOWED_ORIGINS | http.allowed_origins | * |
Allowed origins for CORS policy. |
| HTTP_ALLOWED_HEADERS | http.allowed_headers | * |
Allowed headers for CORS policy. |
| LOG_LEVEL | logger.log_level | info |
Controls the level of logging. Options: error, warn, info, debug, fatal. |
| DB_POOL_MAX | db.pool_max | 2 |
Maximum number of database connections in the pool. |
| DB_URL | db.url | No Value | By default, Console uses a SQLite database to store device data locally. Users can optionally configure this variable to provide a PostgreSQL connection string, enabling the use of an external PostgreSQL database for data storage. This allows for greater scalability and centralized database management. |
| EA_URL | ea.url | http://localhost:8000 |
URL for the Enterprise Assistant service. |
| EA_USERNAME | ea.username | No Value | Username for the Enterprise Assistant service. |
| EA_PASSWORD | ea.password | No Value | Password for the Enterprise Assistant service. |