Ylianst/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2024-11-22 04:33:16 +03:00
Code Issues Packages Projects Releases Wiki Activity

JSON config schema improvements.

Browse Source
This commit is contained in:
Ylian Saint-Hilaire 2020-06-15 13:08:46 -07:00
parent b85d674963
commit 888a5bab7d
3 changed files with 439 additions and 433 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

596
meshcentral-config-schema.json
View File

@ -7,20 +7,20 @@
"settings": {
"type": "object",
"properties": {
"Cert": { "type": "string" },
"MongoDb": { "type": "string" },
"MongoDbName": { "type": "string" },
"MongoDbChangeStream": { "type": "boolean" },
"MongoDumpPath": { "type": "string" },
"cert": { "type": "string" },
"mongoDb": { "type": "string" },
"mongoDbName": { "type": "string" },
"mongoDbChangeStream": { "type": "boolean" },
"mongoDumpPath": { "type": "string" },
"WANonly": { "type": "boolean", "default": false },
"LANonly": { "type": "boolean", "default": false },
"SessionTime": { "type": "integer" },
"SessionKey": { "type": "string" },
"SessionSameSite": { "type": "string" },
"DbEncryptKey": { "type": "string" },
"DbRecordsEncryptKey": { "type": "string" },
"DbRecordsDecryptKey": { "type": "string" },
"DbExpire": {
"sessionTime": { "type": "integer" },
"sessionKey": { "type": "string" },
"sessionSameSite": { "type": "string" },
"dbEncryptKey": { "type": "string" },
"dbRecordsEncryptKey": { "type": "string" },
"dbRecordsDecryptKey": { "type": "string" },
"dbExpire": {
"type": "object",
"properties": {
"events": { "type": "integer" },
@ -28,45 +28,46 @@
"statsevents": { "type": "integer" }
}
},
"Port": { "type": "integer", "minimum": 1, "maximum": 65535 },
"PortBind": { "type": "string" },
"AliasPort": { "type": "integer", "minimum": 1, "maximum": 65535 },
"RedirPort": { "type": "integer", "minimum": 1, "maximum": 65535 },
"RedirPortBind": { "type": "string" },
"RedirAliasPort": { "type": "integer", "minimum": 1, "maximum": 65535 },
"AgentPort": { "type": "integer", "minimum": 1, "maximum": 65535, "description": "When set, enabled a new HTTPS server port that only accepts agent connections" },
"AgentPortBind": { "type": "string", "description": "When set, binds the agent port to a specific network interface" },
"AgentAliasPort": { "type": "integer", "minimum": 1, "maximum": 65535, "description": "When set, indicates the actual publically visible agent-only port. If not set, the AgentPort value is used" },
"AgentAliasDNS": { "type": "string", "format": "hostname", "description": "When set, specified the DNS name used by agents to connect to the agent-only port" },
"AgentPortTls": { "type": "boolean", "default": true, "description": "Indicates if the agent-only port must perform TLS, this should be set to false if TLS is performed in front of this server" },
"ExactPorts": { "type": "boolean", "default": false },
"AllowLoginToken": { "type": "boolean", "default": false },
"AllowFraming": { "type": "boolean", "default": false },
"CookieIpCheck": { "type": "boolean" },
"CookieEncoding": { "type": "string", "enum": [ "hex", "base64" ], "default": "base64" },
"WebRTC": { "type": "boolean", "default": false, "description": "When enabled, allows use of WebRTC to allow direct network traffic between the agent and browser" },
"Nice404": { "type": "boolean" },
"ClickOnce": { "type": "boolean" },
"SelfUpdate": { "type": "boolean", "default": false, "description": "When true, this server will attempt to self-update everyday after midnight." },
"BrowserPing": { "type": "integer", "minimum": 1, "description": "When specified, sends data to the browser at x seconds interval and expects a response from the browser." },
"BrowserPong": { "type": "integer", "minimum": 1, "description": "When specified, sends data to the browser at x seconds interval." },
"AgentPing": { "type": "integer", "minimum": 1, "description": "When specified, sends data to the agent at x seconds interval and expects a response from the agent." },
"AgentPong": { "type": "integer", "minimum": 1, "description": "When specified, sends data to the agent at x seconds interval." },
"AgentIdleTimeout": { "type": "integer", "minimum": 1 },
"MeshErrorLogPath": { "type": "string" },
"NpmPath": { "type": "string" },
"NpmProxy": { "type": "string", "format": "uri" },
"AllowHighQualityDesktop": { "type": "boolean", "default": true },
"DesktopMultiplex": { "type": "boolean", "default": false },
"UserAllowedIP": { "type": [ "string", "array" ] },
"UserBlockedIP": { "type": [ "string", "array" ] },
"AgentAllowedIP": { "type": [ "string", "array" ] },
"AgentBlockedIP": { "type": [ "string", "array" ] },
"AuthLog": { "type": "string" },
"ManageAllDeviceGroups": { "type": "array", "items": [ { "type": "string" } ] },
"ManageCrossDomain": { "type": "array", "items": [ { "type": "string" } ] },
"LocalDiscovery": {
"port": { "type": "integer", "minimum": 1, "maximum": 65535 },
"portBind": { "type": "string", "description": "When set, bind the HTTPS main port to a specific network address." },
"aliasPort": { "type": "integer", "minimum": 1, "maximum": 65535 },
"redirPort": { "type": "integer", "minimum": 1, "maximum": 65535 },
"redirPortBind": { "type": "string", "description": "When set, bind the HTTP redirection port to a specific network address." },
"redirAliasPort": { "type": "integer", "minimum": 1, "maximum": 65535 },
"agentPort": { "type": "integer", "minimum": 1, "maximum": 65535, "description": "When set, enabled a new HTTPS server port that only accepts agent connections." },
"agentPortBind": { "type": "string", "description": "When set, binds the agent port to a specific network interface." },
"agentAliasPort": { "type": "integer", "minimum": 1, "maximum": 65535, "description": "When set, indicates the actual publically visible agent-only port. If not set, the AgentPort value is used." },
"agentAliasDNS": { "type": "string", "format": "hostname", "description": "When set, specified the DNS name used by agents to connect to the agent-only port." },
"agentPortTls": { "type": "boolean", "default": true, "description": "Indicates if the agent-only port must perform TLS, this should be set to false if TLS is performed in front of this server." },
"exactPorts": { "type": "boolean", "default": false },
"allowLoginToken": { "type": "boolean", "default": false },
"allowFraming": { "type": "boolean", "default": false },
"cookieIpCheck": { "type": "boolean" },
"cookieEncoding": { "type": "string", "enum": [ "hex", "base64" ], "default": "base64", "description": "Encoding format of cookies in the HTTP headers, this is typically Base64 but some reverse proxies will require HEX." },
"webRTC": { "type": "boolean", "default": false, "description": "When enabled, allows use of WebRTC to allow direct network traffic between the agent and browser." },
"nice404": { "type": "boolean", "default": true, "description": "By default, a nice looking 404 error page is displayed when needed. Set this to false to disable it." },
"clickOnce": { "type": "boolean", "default": true, "description": "By default Microsoft ClickOnce support is enabled allowing connection routing from the web site on IE browser and browsers with ClickOnce add-in." },
"selfUpdate": { "type": "boolean", "default": false, "description": "When true, this server will attempt to self-update everyday after midnight." },
"browserPing": { "type": "integer", "minimum": 1, "description": "When specified, sends data to the browser at x seconds interval and expects a response from the browser." },
"browserPong": { "type": "integer", "minimum": 1, "description": "When specified, sends data to the browser at x seconds interval." },
"agentPing": { "type": "integer", "minimum": 1, "description": "When specified, sends data to the agent at x seconds interval and expects a response from the agent." },
"agentPong": { "type": "integer", "minimum": 1, "description": "When specified, sends data to the agent at x seconds interval." },
"agentIdleTimeout": { "type": "integer", "minimum": 1 },
"meshErrorLogPath": { "type": "string" },
"npmPath": { "type": "string" },
"npmProxy": { "type": "string", "format": "uri" },
"allowHighQualityDesktop": { "type": "boolean", "default": true },
"desktopMultiplex": { "type": "boolean", "default": false },
"userAllowedIP": { "type": [ "string", "array" ] },
"userBlockedIP": { "type": [ "string", "array" ] },
"agentAllowedIP": { "type": [ "string", "array" ] },
"agentBlockedIP": { "type": [ "string", "array" ] },
"authLog": { "type": "string" },
"manageAllDeviceGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"manageCrossDomain": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"localDiscovery": {
"type": "object",
"description": "When this server is in LAN mode, you may discover this server using a multicast discovery tool. When discovery happens, the name and info fields are sent back to the discovery tool.",
"additionalProperties": false,
"properties": {
"name": { "type": "string" },
@ -74,29 +75,26 @@
},
"required": [ "name", "info" ]
},
"TlsOffload": { "type": [ "string", "boolean" ], "default": false },
"TrustedProxy": { "type": "string" },
"MpsPort": { "type": "integer", "minimum": 1, "maximum": 65535 },
"MpsPortBind": { "type": "string" },
"MpsAliasPort": { "type": "integer", "minimum": 1, "maximum": 65535 },
"MpsAliasHost": { "type": "string" },
"MpsTlsOffload": { "type": "boolean", "default": false },
"No2FactorAuth": { "type": "boolean" },
"Log": { "type": "string" },
"tlsOffload": { "type": [ "string", "boolean" ], "default": false },
"trustedProxy": { "type": "string" },
"mpsPort": { "type": "integer", "minimum": 1, "maximum": 65535 },
"mpsPortBind": { "type": "string" },
"mpsAliasPort": { "type": "integer", "minimum": 1, "maximum": 65535 },
"mpsAliasHost": { "type": "string" },
"mpsTlsOffload": { "type": "boolean", "default": false },
"no2FactorAuth": { "type": "boolean" },
"log": { "type": "string" },
"syslog": { "type": "string" },
"syslogauth": { "type": "string" },
"syslogjson": { "type": "string" },
"WebRtConfig": {
"webrtcConfig": {
"type": "object",
"properties": {
"iceServers": {
"type": "array",
"items": [ { "type": "object", "properties": { "urls": { "type": "string" } }, "required": [ "urls" ] } ]
}
"iceServers": { "type": "array", "uniqueItems": true, "items": { "type": "object", "properties": { "urls": { "type": "string" } }, "required": [ "urls" ] } }
},
"required": [ "iceServers" ]
},
"AutoBackup": {
"autoBackup": {
"type": "object",
"properties": {
"backupIntervalHours": { "type": "integer" },
@ -105,8 +103,8 @@
"backupPath": { "type": "string" }
}
},
"Redirects": { "type": "object" },
"MaxInvalidLogin": {
"redirects": { "type": "object" },
"maxInvalidLogin": {
"type": "object",
"additionalProperties": false,
"properties": {
@ -115,247 +113,243 @@
"coolofftime": { "type": "integer" }
}
},
"Plugins": {
"plugins": {
"type": "object",
"properties": { "enabled": { "type": "boolean" } },
"required": [ "enabled" ]
}
}
},
"domaindefaults": { "type": "object" },
"domaindefaults": { "$ref": "#/properties/domains/items" },
"domains": {
"type": "object",
"properties": {
"": {
"type": "object",
"properties": {
"Title": { "type": "string" },
"Title2": { "type": "string" },
"TitlePicture": { "type": "string" },
"UserQuota": { "type": "integer" },
"MeshQuota": { "type": "integer" },
"Minify": { "type": "boolean" },
"NewAccounts": { "type": "boolean" },
"NewAccountsUserGroups": { "type": "array", "items": [ { "type": "string" } ] },
"UserNameIsEmail": { "type": "boolean" },
"NewAccountEmailDomains": { "type": "array", "items": [ { "type": "string" } ] },
"NewAccountsRights": { "type": "array", "items": [ { "type": "string" } ] },
"WelcomeText": { "type": "string" },
"WelcomePicture": { "type": "string" },
"Hide": { "type": "integer" },
"Footer": { "type": "string" },
"CertUrl": { "type": "string", "format": "uri" },
"PasswordRequirements": {
"type": "object",
"properties": {
"min": { "type": "integer" },
"max": { "type": "integer" },
"upper": { "type": "integer" },
"lower": { "type": "integer" },
"numeric": { "type": "integer" },
"nonalpha": { "type": "integer" },
"reset": { "type": "integer" },
"force2factor": { "type": "boolean" },
"skip2factor": { "type": "string" }
}
},
"AgentInviteCodes": { "type": "boolean", "default": false },
"AgentNoProxy": { "type": "boolean", "default": false },
"GeoLocation": { "type": "boolean", "default": false },
"novnc": { "type": "boolean", "default": true },
"mstsc": {
"type": "boolean",
"default": false
},
"CustomUI": { "type": "object" },
"ConsentMessages": {
"type": "object",
"additionalProperties": false,
"properties": {
"Title": { "type": "string" },
"Desktop": { "type": "string" },
"Terminal": { "type": "string" },
"Files": { "type": "string" }
}
},
"NotificationMessages": {
"type": "object",
"additionalProperties": false,
"properties": {
"Title": { "type": "string" },
"Desktop": { "type": "string" },
"Terminal": { "type": "string" },
"Files": { "type": "string" }
}
},
"UserAllowedIP": { "type": "string" },
"UserBlockedIP": { "type": "string" },
"AgentAllowedIP": { "type": "string" },
"AgentBlockedIP": { "type": "string" },
"UserSessionIdleTimeout": { "type": "integer" },
"UserConsentFlags": { "type": "integer" },
"UrlSwitching": { "type": "boolean" },
"DesktopPrivacyBarText": { "type": "string" },
"Limits": {
"type": "object",
"properties": {
"MaxDevices": { "type": "integer" },
"MaxUserAccounts": { "type": "integer" },
"MaxUserSessions": { "type": "integer" },
"MaxAgentSessions": { "type": "integer" },
"MaxSingleUserSessions": { "type": "integer" }
}
},
"AmtAcmActivation": {
"type": "object",
"properties": {
"log": { "type": "string" },
"certs": {
"type": "object",
"additionalProperties": {
"type": "object",
"properties": {
"certfiles": { "type": "array", "items": [ { "type": "string" } ] },
"keyfile": { "type": "string" }
},
"required": [ "certfiles", "keyfile" ]
}
}
}
},
"Redirects": {
"type": "object",
"additionalProperties": { "type": "string" }
},
"Yubikey": {
"type": "object",
"properties": {
"id": { "type": "string" },
"secret": { "type": "string" },
"proxy": { "type": "string" }
},
"required": [ "id", "secret" ]
},
"AgentConfig": {
"type": "array",
"items": [ { "type": "string" } ]
},
"SessionRecording": {
"type": "object",
"properties": {
"filepath": { "type": "string" },
"index": { "type": "boolean", "default": false },
"maxRecordings": { "type": "integer" },
"maxRecordingSizeMegabytes": { "type": "integer" },
"protocols": {
"type": "array",
"items": [ { "type": "integer" } ]
}
},
"required": [ "protocols" ]
},
"AuthStrategies": {
"type": "object",
"additionalProperties": false,
"properties": {
"twitter": {
"items": {
"type": "object",
"properties": {
"title": { "type": "string" },
"title2": { "type": "string" },
"titlePicture": { "type": "string" },
"userQuota": { "type": "integer" },
"meshQuota": { "type": "integer" },
"minify": { "type": "boolean", "default": false, "description": "When enabled, the server will send reduced sided web pages." },
"newAccounts": { "type": "boolean" },
"newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"userNameIsEmail": { "type": "boolean", "default": false, "description": "When enabled, the username of each account is also the email address of the account." },
"newAccountEmailDomains": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"newAccountsRights": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"welcomeText": { "type": "string" },
"welcomePicture": { "type": "string" },
"hide": { "type": "integer" },
"footer": { "type": "string" },
"certUrl": { "type": "string", "format": "uri" },
"passwordRequirements": {
"type": "object",
"properties": {
"min": { "type": "integer" },
"max": { "type": "integer" },
"upper": { "type": "integer" },
"lower": { "type": "integer" },
"numeric": { "type": "integer" },
"nonalpha": { "type": "integer" },
"reset": { "type": "integer" },
"force2factor": { "type": "boolean" },
"skip2factor": { "type": "string" }
}
},
"agentInviteCodes": { "type": "boolean", "default": false },
"agentNoProxy": { "type": "boolean", "default": false },
"geoLocation": { "type": "boolean", "default": false },
"novnc": { "type": "boolean", "default": true },
"mstsc": { "type": "boolean", "default": false },
"customUI": { "type": "object" },
"consentMessages": {
"type": "object",
"additionalProperties": false,
"properties": {
"Title": { "type": "string" },
"Desktop": { "type": "string" },
"Terminal": { "type": "string" },
"Files": { "type": "string" }
}
},
"notificationMessages": {
"type": "object",
"additionalProperties": false,
"properties": {
"Title": { "type": "string" },
"Desktop": { "type": "string" },
"Terminal": { "type": "string" },
"Files": { "type": "string" }
}
},
"userAllowedIP": { "type": "string" },
"userBlockedIP": { "type": "string" },
"agentAllowedIP": { "type": "string" },
"agentBlockedIP": { "type": "string" },
"userSessionIdleTimeout": { "type": "integer" },
"userConsentFlags": { "type": "integer" },
"urlSwitching": { "type": "boolean" },
"desktopPrivacyBarText": { "type": "string" },
"limits": {
"type": "object",
"additionalProperties": false,
"properties": {
"MaxDevices": { "type": "integer" },
"MaxUserAccounts": { "type": "integer" },
"MaxUserSessions": { "type": "integer" },
"MaxAgentSessions": { "type": "integer" },
"MaxSingleUserSessions": { "type": "integer" }
}
},
"amtAcmActivation": {
"type": "object",
"additionalProperties": false,
"properties": {
"log": { "type": "string" },
"certs": {
"type": "object",
"additionalProperties": {
"type": "object",
"additionalProperties": false,
"properties": {
"callbackurl": { "type": "string", "format": "uri" },
"newAccounts": { "type": "boolean" },
"newAccountsUserGroups": { "type": "array", "items": [ { "type": "string" } ] },
"clientid": { "type": "string" },
"clientsecret": { "type": "string" }
"certfiles": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"keyfile": { "type": "string" }
},
"required": [ "clientid", "clientsecret" ]
},
"google": {
"type": "object",
"properties": {
"callbackurl": { "type": "string", "format": "uri" },
"newAccounts": { "type": "boolean" },
"newAccountsUserGroups": { "type": "array", "items": [ { "type": "string" } ] },
"clientid": { "type": "string" },
"clientsecret": { "type": "string" }
},
"required": [ "clientid", "clientsecret" ]
},
"github": {
"type": "object",
"properties": {
"callbackurl": { "type": "string", "format": "uri" },
"newAccounts": { "type": "boolean" },
"newAccountsUserGroups": { "type": "array", "items": [ { "type": "string" } ] },
"clientid": { "type": "string" },
"clientsecret": { "type": "string" }
},
"required": [ "clientid", "clientsecret" ]
},
"reddit": {
"type": "object",
"properties": {
"callbackurl": { "type": "string", "format": "uri" },
"newAccounts": { "type": "boolean" },
"newAccountsUserGroups": { "type": "array", "items": [ { "type": "string" } ] },
"clientid": { "type": "string" },
"clientsecret": { "type": "string" }
},
"required": [ "clientid", "clientsecret" ]
},
"azure": {
"type": "object",
"properties": {
"callbackurl": { "type": "string", "format": "uri" },
"newAccounts": { "type": "boolean" },
"newAccountsUserGroups": { "type": "array", "items": [ { "type": "string" } ] },
"clientid": { "type": "string" },
"clientsecret": { "type": "string" },
"tenantid": { "type": "string" }
},
"required": [ "clientid", "clientsecret", "tenantid" ]
},
"jumpcloud": {
"type": "object",
"properties": {
"callbackurl": { "type": "string", "format": "uri" },
"newAccounts": { "type": "boolean" },
"newAccountsUserGroups": { "type": "array", "items": [ { "type": "string" } ] },
"entityid": { "type": "string" },
"idpurl": { "type": "string" },
"cert": { "type": "string" }
},
"required": [ "entityid", "idpurl", "cert" ]
},
"saml": {
"type": "object",
"properties": {
"callbackurl": { "type": "string", "format": "uri" },
"disableRequestedAuthnContext": { "type": "boolean" },
"newAccounts": { "type": "boolean" },
"newAccountsUserGroups": { "type": "array", "items": [ { "type": "string" } ] },
"newAccountsRights": { "type": "array", "items": [ { "type": "string" } ] },
"entityid": { "type": "string" },
"idpurl": { "type": "string" },
"cert": { "type": "string" }
},
"required": [ "entityid", "idpurl", "cert" ]
"required": [ "certfiles", "keyfile" ]
}
}
},
"required": [ "certs" ]
},
"redirects": {
"type": "object",
"additionalProperties": { "type": "string" }
},
"yubikey": {
"type": "object",
"additionalProperties": false,
"properties": {
"id": { "type": "string" },
"secret": { "type": "string" },
"proxy": { "type": "string", "format": "uri" }
},
"required": [ "id", "secret" ]
},
"httpHeaders": { "type": "object", "additionalProperties": { "type": "string" } },
"agentConfig": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"sessionRecording": {
"type": "object",
"additionalProperties": false,
"properties": {
"filepath": { "type": "string" },
"index": { "type": "boolean", "default": false },
"maxRecordings": { "type": "integer" },
"maxRecordingSizeMegabytes": { "type": "integer" },
"protocols": { "type": "array", "uniqueItems": true, "items": { "type": "integer" } }
},
"required": [ "protocols" ]
},
"authStrategies": {
"type": "object",
"additionalProperties": false,
"properties": {
"twitter": {
"type": "object",
"additionalProperties": false,
"properties": {
"callbackurl": { "type": "string", "format": "uri" },
"newAccounts": { "type": "boolean", "default": false },
"newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"clientid": { "type": "string" },
"clientsecret": { "type": "string" }
},
"required": [ "clientid", "clientsecret" ]
},
"google": {
"type": "object",
"properties": {
"callbackurl": { "type": "string", "format": "uri" },
"newAccounts": { "type": "boolean", "default": false },
"newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"clientid": { "type": "string" },
"clientsecret": { "type": "string" }
},
"required": [ "clientid", "clientsecret" ]
},
"github": {
"type": "object",
"properties": {
"callbackurl": { "type": "string", "format": "uri" },
"newAccounts": { "type": "boolean", "default": false },
"newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"clientid": { "type": "string" },
"clientsecret": { "type": "string" }
},
"required": [ "clientid", "clientsecret" ]
},
"reddit": {
"type": "object",
"properties": {
"callbackurl": { "type": "string", "format": "uri" },
"newAccounts": { "type": "boolean", "default": false },
"newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"clientid": { "type": "string" },
"clientsecret": { "type": "string" }
},
"required": [ "clientid", "clientsecret" ]
},
"azure": {
"type": "object",
"properties": {
"callbackurl": { "type": "string", "format": "uri" },
"newAccounts": { "type": "boolean", "default": false },
"newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"clientid": { "type": "string" },
"clientsecret": { "type": "string" },
"tenantid": { "type": "string" }
},
"required": [ "clientid", "clientsecret", "tenantid" ]
},
"jumpcloud": {
"type": "object",
"properties": {
"callbackurl": { "type": "string", "format": "uri" },
"newAccounts": { "type": "boolean", "default": false },
"newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"entityid": { "type": "string" },
"idpurl": { "type": "string", "format": "uri" },
"cert": { "type": "string" }
},
"required": [ "entityid", "idpurl", "cert" ]
},
"saml": {
"type": "object",
"properties": {
"callbackurl": { "type": "string", "format": "uri" },
"disableRequestedAuthnContext": { "type": "boolean" },
"newAccounts": { "type": "boolean", "default": false },
"newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"newAccountsRights": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"entityid": { "type": "string" },
"idpurl": { "type": "string", "format": "uri" },
"cert": { "type": "string" }
},
"required": [ "entityid", "idpurl", "cert" ]
}
}
}
}
}
},
"letsencrypt": {
"letsEncrypt": {
"title" : "Built-in Let's Encrypt support",
"description": "If your server has a proper DNS name and it public facing on the Internet with a public facing HTTP server on port 80, you can get a free TLS certificate.",
"type": "object",
"additionalProperties": false,
"properties": {
"email": { "type": "string", "format": "email" },
"email": { "type": "string", "format": "email", "description": "Email address of the administrator of this server. Make sure this is a valid email address otherwise the certificate request will fail." },
"names": { "type": "string" },
"production": { "type": "boolean", "default": false }
"production": { "type": "boolean", "default": false, "description": "By default a test certificate will be obtained from Let's Encrypt. Always start by getting a test certificate and make sure that works before setting this to true and obtaining a production certificaite. Making too many bad requests for a production certificate will get you banned for a long period of time." }
},
"required": [ "email", "names" ]
},
@ -381,7 +375,7 @@
},
"smtp": {
"title" : "Email server",
"description": "Connects MeshCentral to a email server, allows MeshCentral to send email messages for 2FA or user notification",
"description": "Connects MeshCentral to a email server, allows MeshCentral to send email messages for 2FA or user notification.",
"type": "object",
"properties": {
"host": { "type": "string", "format": "hostname" },
@ -395,18 +389,30 @@
},
"sms": {
"title" : "SMS provider",
"description": "Connects MeshCentral to a SMS text messaging provider, allows MeshCentral to send SMS messages for 2FA or user notification",
"type": "object",
"properties": {
"provider": { "type": "string", "enum": [ "twilio", "plivo" ] },
"id": { "type": "string" },
"sid": { "type": "string" },
"token": { "type": "string" },
"from": { "type": "string" }
},
"required": [ "provider", "token", "from" ]
"description": "Connects MeshCentral to a SMS text messaging provider, allows MeshCentral to send SMS messages for 2FA or user notification.",
"oneOf": [
{
"type": "object",
"properties": {
"provider": { "type": "string", "enum": [ "twilio" ] },
"sid": { "type": "string" },
"auth": { "type": "string" },
"from": { "type": "string" }
},
"required": [ "provider", "sid", "auth", "from" ]
},
{
"type": "object",
"properties": {
"provider": { "type": "string", "enum": [ "plivo" ] },
"id": { "type": "string" },
"token": { "type": "string" },
"from": { "type": "string" }
},
"required": [ "provider", "id", "token", "from" ]
}
]
}
},
"required": [ "settings", "domains" ]
}

254
sample-config-advanced.json
View File

@ -2,127 +2,127 @@
"$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json",
"__comment__": "This is a sample configuration file, all values and sections that start with underscore (_) are ignored. Edit a section and remove the _ in front of the name. Refer to the user's guide for details.",
"settings": {
"_Cert": "myserver.mydomain.com",
"_MongoDb": "mongodb://127.0.0.1:27017",
"_MongoDbName": "meshcentral",
"_MongoDbChangeStream": true,
"_MongoDumpPath": "C:\\Program Files\\MongoDB\\Server\\4.2\\bin\\mongodump.exe",
"_cert": "myserver.mydomain.com",
"_mongoDb": "mongodb://127.0.0.1:27017",
"_mongoDbName": "meshcentral",
"_mongoDbChangeStream": true,
"_mongoDumpPath": "C:\\Program Files\\MongoDB\\Server\\4.2\\bin\\mongodump.exe",
"_WANonly": true,
"_LANonly": true,
"_SessionTime": 30,
"_SessionKey": "MyReallySecretPassword1",
"_SessionSameSite": "strict",
"_DbEncryptKey": "MyReallySecretPassword2",
"_DbRecordsEncryptKey": "MyReallySecretPassword",
"_DbRecordsDecryptKey": "MyReallySecretPassword",
"__DbExpire": "Amount of time to keep various events in the database, in seconds. Below are the default values.",
"_DbExpire": {
"_sessionTime": 30,
"_sessionKey": "MyReallySecretPassword1",
"_sessionSameSite": "strict",
"_dbEncryptKey": "MyReallySecretPassword2",
"_dbRecordsEncryptKey": "MyReallySecretPassword",
"_dbRecordsDecryptKey": "MyReallySecretPassword",
"__dbExpire": "Amount of time to keep various events in the database, in seconds. Below are the default values.",
"_dbExpire": {
"events": 1728000,
"powerevents": 864000,
"statsevents": 2592000
},
"_Port": 443,
"_PortBind": "127.0.0.1",
"_AliasPort": 444,
"_RedirPort": 80,
"_RedirPortBind": "127.0.0.1",
"_RedirAliasPort": 80,
"_AgentPort": 1234,
"_AgentPortBind": "127.0.0.1",
"_AgentAliasPort": 1234,
"_AgentAliasDNS": "agents.myserver.mydomain.com",
"_AgentPortTls": true,
"_ExactPorts": true,
"_AllowLoginToken": true,
"_AllowFraming": true,
"_CookieIpCheck": false,
"_CookieEncoding": "hex",
"_WebRTC": false,
"_Nice404": false,
"_ClickOnce": false,
"_SelfUpdate": true,
"_BrowserPing": 60,
"_BrowserPong": 60,
"_AgentPing": 60,
"_AgentPong": 60,
"_AgentIdleTimeout": 150,
"_MeshErrorLogPath": "c:\\tmp",
"_NpmPath": "c:\\npm.exe",
"_NpmProxy": "http://1.2.3.4:80",
"_AllowHighQualityDesktop": true,
"_DesktopMultiplex": true,
"_UserAllowedIP": "127.0.0.1,192.168.1.0/24",
"_UserBlockedIP": "127.0.0.1,::1,192.168.0.100",
"_AgentAllowedIP": "192.168.0.100/24",
"_AgentBlockedIP": "127.0.0.1,::1",
"_AuthLog": "c:\\temp\\auth.log",
"_ManageAllDeviceGroups": [ "user//admin" ],
"_ManageCrossDomain": [ "user//admin" ],
"_LocalDiscovery": {
"port": 443,
"_portBind": "127.0.0.1",
"aliasPort": 444,
"_redirPort": 80,
"_redirPortBind": "127.0.0.1",
"_redirAliasPort": 80,
"_agentPort": 1234,
"_agentPortBind": "127.0.0.1",
"_agentAliasPort": 1234,
"_agentAliasDNS": "agents.myserver.mydomain.com",
"_agentPortTls": true,
"_exactPorts": true,
"_allowLoginToken": true,
"_allowFraming": true,
"_cookieIpCheck": false,
"_cookieEncoding": "hex",
"_webRTC": false,
"_nice404": false,
"_clickOnce": false,
"_selfUpdate": true,
"_browserPing": 60,
"_browserPong": 60,
"_agentPing": 60,
"_agentPong": 60,
"_agentIdleTimeout": 150,
"_meshErrorLogPath": "c:\\tmp",
"_npmPath": "c:\\npm.exe",
"_npmProxy": "http://1.2.3.4:80",
"_allowHighQualityDesktop": true,
"_desktopMultiplex": true,
"_userAllowedIP": "127.0.0.1,192.168.1.0/24",
"_userBlockedIP": "127.0.0.1,::1,192.168.0.100",
"_agentAllowedIP": "192.168.0.100/24",
"_agentBlockedIP": "127.0.0.1,::1",
"_authLog": "c:\\temp\\auth.log",
"_manageAllDeviceGroups": [ "user//admin" ],
"_manageCrossDomain": [ "user//admin" ],
"_localDiscovery": {
"name": "Local server name",
"info": "Information about this server"
},
"_TlsOffload": "127.0.0.1,::1",
"_TrustedProxy": "127.0.0.1,::1",
"_MpsPort": 44330,
"_MpsPortBind": "127.0.0.1",
"_MpsAliasPort": 4433,
"_MpsAliasHost": "mps.mydomain.com",
"_MpsTlsOffload": true,
"_No2FactorAuth": true,
"_Log": "main,web,webrequest,cert",
"_rlsOffload": "127.0.0.1,::1",
"_rrustedProxy": "127.0.0.1,::1",
"_mpsPort": 44330,
"_mpsPortBind": "127.0.0.1",
"_mpsAliasPort": 4433,
"_mpsAliasHost": "mps.mydomain.com",
"_mpsTlsOffload": true,
"_no2FactorAuth": true,
"_log": "main,web,webrequest,cert",
"_syslog": "meshcentral",
"_syslogauth": "meshcentral-auth",
"_syslogjson": "meshcentral-json",
"_WebRtConfig": {
"_webrtcConfig": {
"iceServers": [
{ "urls": "stun:stun.services.mozilla.com" },
{ "urls": "stun:stun.l.google.com:19302" }
]
},
"_AutoBackup": {
"_autoBackup": {
"backupIntervalHours": 24,
"keepLastDaysBackup": 10,
"zipPassword": "MyReallySecretPassword3",
"_backupPath": "C:\\backups"
},
"_Redirects": {
"_redirects": {
"meshcommander": "https://www.meshcommander.com/"
},
"__MaxInvalidLogin": "Time in minutes, max amount of bad logins from a source IP in the time before logins are rejected.",
"_MaxInvalidLogin": {
"__maxInvalidLogin": "Time in minutes, max amount of bad logins from a source IP in the time before logins are rejected.",
"_maxInvalidLogin": {
"time": 10,
"count": 10,
"coolofftime": 10
},
"_Plugins": { "enabled": true }
"_plugins": { "enabled": true }
},
"_domaindefaults": {
"__comment__": "Any settings in this section is used as default setting for all domains",
"Title": "MyDefaultTitle",
"Footer": "Default page footer",
"NewAccounts": false
"title": "MyDefaultTitle",
"footer": "Default page footer",
"newAccounts": false
},
"_domains": {
"": {
"Title": "MyServer",
"Title2": "Servername",
"_TitlePicture": "title-sample.png",
"_UserQuota": 1048576,
"_MeshQuota": 248576,
"Minify": true,
"_NewAccounts": true,
"_NewAccountsUserGroups": [ "ugrp//xxxxxxxxxxxxxxxxx" ],
"_UserNameIsEmail": true,
"_NewAccountEmailDomains": [ "sample.com" ],
"_NewAccountsRights": [ "nonewgroups", "notools" ],
"_WelcomeText": "Sample Text on Login Page.",
"_WelcomePicture": "mainwelcome.jpg",
"___Hide__": "Sum of: 1 = Hide header, 2 = Hide tab, 4 = Hide footer, 8 = Hide title, 16 = Hide left bar",
"_Hide": 4,
"_Footer": "<a href='https://twitter.com/mytwitter'>Twitter</a>",
"_CertUrl": "https://192.168.2.106:443/",
"_PasswordRequirements": {
"title": "MyServer",
"title2": "Servername",
"_titlePicture": "title-sample.png",
"_userQuota": 1048576,
"_meshQuota": 248576,
"minify": true,
"_newAccounts": true,
"_newAccountsUserGroups": [ "ugrp//xxxxxxxxxxxxxxxxx" ],
"_userNameIsEmail": true,
"_newAccountEmailDomains": [ "sample.com" ],
"_newAccountsRights": [ "nonewgroups", "notools" ],
"_welcomeText": "Sample Text on Login Page.",
"_welcomePicture": "mainwelcome.jpg",
"___hide__": "Sum of: 1 = Hide header, 2 = Hide tab, 4 = Hide footer, 8 = Hide title, 16 = Hide left bar",
"_hide": 4,
"_footer": "<a href='https://twitter.com/mytwitter'>Twitter</a>",
"_certUrl": "https://192.168.2.106:443/",
"_passwordRequirements": {
"min": 8,
"max": 128,
"upper": 1,
@ -133,41 +133,41 @@
"force2factor": true,
"skip2factor": "127.0.0.1,192.168.2.0/24"
},
"_AgentInviteCodes": true,
"_AgentNoProxy": true,
"_GeoLocation": true,
"_agentInviteCodes": true,
"_agentNoProxy": true,
"_geoLocation": true,
"_novnc": false,
"_mstsc": true,
"_consentMessages": {
"Title": "MeshCentral",
"Desktop": "{0} requesting remote desktop access. Grant access?",
"Terminal": "{0} requesting remote terminal access. Grant access?",
"Files": "{0} requesting remote files access. Grant access?"
"title": "MeshCentral",
"desktop": "{0} requesting remote desktop access. Grant access?",
"terminal": "{0} requesting remote terminal access. Grant access?",
"files": "{0} requesting remote files access. Grant access?"
},
"_notificationMessages": {
"Title": "MeshCentral",
"Desktop": "{0} started a remote desktop session.",
"Terminal": "{0} started a remote terminal session.",
"Files": "{0} started a remote files session."
"title": "MeshCentral",
"desktop": "{0} started a remote desktop session.",
"terminal": "{0} started a remote terminal session.",
"files": "{0} started a remote files session."
},
"_UserAllowedIP": "127.0.0.1,192.168.1.0/24",
"_UserBlockedIP": "127.0.0.1,::1,192.168.0.100",
"_AgentAllowedIP": "192.168.0.100/24",
"_AgentBlockedIP": "127.0.0.1,::1",
"___UserSessionIdleTimeout__": "Number of user idle minutes before auto-disconnect",
"_UserSessionIdleTimeout": 30,
"__UserConsentFlags__": "Set to: 1 for desktop, 2 for terminal, 3 for files, 7 for all",
"_UserConsentFlags": 7,
"_UrlSwitching": false,
"_DesktopPrivacyBarText": "Your privacy bar message",
"_Limits": {
"_MaxDevices": 100,
"_MaxUserAccounts": 100,
"_MaxUserSessions": 100,
"_MaxAgentSessions": 100,
"MaxSingleUserSessions": 10
"_userAllowedIP": "127.0.0.1,192.168.1.0/24",
"_userBlockedIP": "127.0.0.1,::1,192.168.0.100",
"_agentAllowedIP": "192.168.0.100/24",
"_agentBlockedIP": "127.0.0.1,::1",
"___userSessionIdleTimeout__": "Number of user idle minutes before auto-disconnect",
"_userSessionIdleTimeout": 30,
"__userConsentFlags__": "Set to: 1 for desktop, 2 for terminal, 3 for files, 7 for all",
"_userConsentFlags": 7,
"_urlSwitching": false,
"_desktopPrivacyBarText": "Your privacy bar message",
"_limits": {
"_maxDevices": 100,
"_maxUserAccounts": 100,
"_maxUserSessions": 100,
"_maxAgentSessions": 100,
"maxSingleUserSessions": 10
},
"_AmtAcmActivation": {
"_amtAcmActivation": {
"log": "amtactivation.log",
"certs": {
"mycertname": {
@ -176,7 +176,7 @@
}
}
},
"_Redirects": {
"_redirects": {
"meshcommander": "https://www.meshcommander.com/"
},
"_yubikey": {
@ -184,13 +184,13 @@
"secret": "xxxxxxxxxxxxxxxxxxxxx",
"_proxy": "http://myproxy.domain.com:80"
},
"_httpheaders": {
"_httpHeaders": {
"Strict-Transport-Security": "max-age=360000",
"x-frame-options": "SAMEORIGIN",
"Content-Security-Policy": "default-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; frame-src 'self'; media-src 'self'"
},
"_agentConfig": [ "webSocketMaskOverride=1" ],
"_SessionRecording": {
"_sessionRecording": {
"_filepath": "C:\\temp",
"_index": true,
"_maxRecordings": 10,
@ -257,17 +257,17 @@
}
},
"_customer1": {
"_DNS": "customer1.myserver.com",
"_Title": "Customer1",
"_Title2": "TestServer",
"_NewAccounts": 1,
"_Auth": "sspi",
"__Auth": "ldap",
"_dns": "customer1.myserver.com",
"_title": "Customer1",
"_title2": "TestServer",
"_newAccounts": 1,
"_auth": "sspi",
"__auth": "ldap",
"_LDAPUserName": "gecos",
"_LDAPUserKey": "uid",
"_LDAPUserEmail": "otherMail",
"_LDAPPptions": {
"URL": "test",
"url": "test",
"anne": {
"gecos": "Anne O'Nyme",
"displayName": "O Nyme anne",
@ -292,8 +292,8 @@
"SearchBase": "DC=meshcentral,DC=local",
"SearchFilter": "(sAMAccountName={{username}})"
},
"_Footer": "Test",
"_CertUrl": "https://192.168.2.106:443/"
"_footer": "Test",
"_certUrl": "https://192.168.2.106:443/"
},
"_info": {
"_share": "C:\\ExtraWebSite"

22
sample-config.json
View File

@ -3,22 +3,22 @@
"__comment1__": "This is a simple configuration file, all values and sections that start with underscore (_) are ignored. Edit a section and remove the _ in front of the name. Refer to the user's guide for details.",
"__comment2__": "See node_modules/meshcentral/sample-config-advanced.json for a more advanced example.",
"settings": {
"_Cert": "myserver.mydomain.com",
"_cert": "myserver.mydomain.com",
"_WANonly": true,
"_LANonly": true,
"_SessionKey": "MyReallySecretPassword1",
"_Port": 443,
"_AliasPort": 443,
"_RedirPort": 80,
"_RedirAliasPort": 80
"_sessionKey": "MyReallySecretPassword1",
"_port": 443,
"_aliasPort": 443,
"_redirPort": 80,
"_redirAliasPort": 80
},
"domains": {
"": {
"_Title": "MyServer",
"_Title2": "Servername",
"_Minify": true,
"_NewAccounts": true,
"_UserNameIsEmail": true
"_title": "MyServer",
"_title2": "Servername",
"_minify": true,
"_newAccounts": true,
"_userNameIsEmail": true
}
},
"_letsencrypt": {