From 7b7856d7b69cfa175e5f46ee20b865aef70a6006 Mon Sep 17 00:00:00 2001 From: Domonkos Czinke Date: Fri, 10 Feb 2017 15:57:49 +0100 Subject: [PATCH 1/4] Add some more envvars --- env-config/config-docker.py | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/env-config/config-docker.py b/env-config/config-docker.py index c8c4c2997..d6d3f3828 100644 --- a/env-config/config-docker.py +++ b/env-config/config-docker.py @@ -92,7 +92,7 @@ def env_to_bool(input): NGINX_PORT = '443' BASE_URL = 'https://{}/'.format(FQDN) -SECRET_KEY = '' +SECRET_KEY = os.getenv('SECURITY_MONKEY_SECRET_KEY', '') MAIL_DEFAULT_SENDER = os.getenv('SECURITY_MONKEY_EMAIL_DEFAULT_SENDER', 'securitymonkey@example.com') SECURITY_REGISTERABLE = True @@ -134,7 +134,7 @@ def env_to_bool(input): MAX_THREADS = 30 # SSO SETTINGS: -ACTIVE_PROVIDERS = [] # "ping", "google" or "onelogin" +ACTIVE_PROVIDERS = [ os.getenv('SECURITY_MONKEY_ACTIVE_PROVIDERS', '') ] # "ping", "google" or "onelogin" PING_NAME = '' # Use to override the Ping name in the UI. PING_REDIRECT_URI = "{BASE}api/1/auth/ping".format(BASE=BASE_URL) @@ -145,10 +145,9 @@ def env_to_bool(input): PING_JWKS_URL = '' # Often something ending in JWKS PING_SECRET = '' # Provided by your administrator -GOOGLE_CLIENT_ID = '' -GOOGLE_AUTH_ENDPOINT = '' -GOOGLE_SECRET = '' -# GOOGLE_HOSTED_DOMAIN = 'example.com' # Verify that token issued by comes from domain +GOOGLE_CLIENT_ID = os.getenv('SECURITY_MONKEY_GOOGLE_CLIENT_ID', '') +GOOGLE_AUTH_ENDPOINT = os.getenv('SECURITY_MONKEY_GOOGLE_AUTH_ENDPOINT', '') +GOOGLE_SECRET = os.getenv('SECURITY_MONKEY_GOOGLE_SECRET', '') ONELOGIN_APP_ID = '' # OneLogin App ID provider by your administrator ONELOGIN_EMAIL_FIELD = 'User.email' # SAML attribute used to provide email address From c3830d4741425cd0b3c0c74a6ad1a718b4544c91 Mon Sep 17 00:00:00 2001 From: Domonkos Czinke Date: Fri, 10 Feb 2017 16:11:30 +0100 Subject: [PATCH 2/4] Add GOOGLE_HOSTED_DOMAIN env var --- env-config/config-docker.py | 1 + 1 file changed, 1 insertion(+) diff --git a/env-config/config-docker.py b/env-config/config-docker.py index d6d3f3828..96e7d46c6 100644 --- a/env-config/config-docker.py +++ b/env-config/config-docker.py @@ -148,6 +148,7 @@ def env_to_bool(input): GOOGLE_CLIENT_ID = os.getenv('SECURITY_MONKEY_GOOGLE_CLIENT_ID', '') GOOGLE_AUTH_ENDPOINT = os.getenv('SECURITY_MONKEY_GOOGLE_AUTH_ENDPOINT', '') GOOGLE_SECRET = os.getenv('SECURITY_MONKEY_GOOGLE_SECRET', '') +GOOGLE_HOSTED_DOMAIN = os.getenv('SECURITY_MONKEY_GOOGLE_HOSTED_DOMAIN', '') ONELOGIN_APP_ID = '' # OneLogin App ID provider by your administrator ONELOGIN_EMAIL_FIELD = 'User.email' # SAML attribute used to provide email address From 8d097c27d6a883aab7abde778918b920b0391214 Mon Sep 17 00:00:00 2001 From: Domonkos Czinke Date: Mon, 13 Feb 2017 15:42:28 +0100 Subject: [PATCH 3/4] Make Register button controlled by env variable --- env-config/config-docker.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/env-config/config-docker.py b/env-config/config-docker.py index 96e7d46c6..97f7e8e7b 100644 --- a/env-config/config-docker.py +++ b/env-config/config-docker.py @@ -95,7 +95,7 @@ def env_to_bool(input): SECRET_KEY = os.getenv('SECURITY_MONKEY_SECRET_KEY', '') MAIL_DEFAULT_SENDER = os.getenv('SECURITY_MONKEY_EMAIL_DEFAULT_SENDER', 'securitymonkey@example.com') -SECURITY_REGISTERABLE = True +SECURITY_REGISTERABLE = os.getenv('SECURITY_MONKEY_SECURITY_REGISTERABLE', 'True') SECURITY_CONFIRMABLE = False SECURITY_RECOVERABLE = False SECURITY_PASSWORD_HASH = 'bcrypt' From d813cbd19beb09910a0a9d1e563b0926ba27e15e Mon Sep 17 00:00:00 2001 From: Domonkos Czinke Date: Tue, 14 Feb 2017 23:03:09 +0100 Subject: [PATCH 4/4] Add same comment --- env-config/config-docker.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/env-config/config-docker.py b/env-config/config-docker.py index 97f7e8e7b..83ae574de 100644 --- a/env-config/config-docker.py +++ b/env-config/config-docker.py @@ -148,7 +148,7 @@ def env_to_bool(input): GOOGLE_CLIENT_ID = os.getenv('SECURITY_MONKEY_GOOGLE_CLIENT_ID', '') GOOGLE_AUTH_ENDPOINT = os.getenv('SECURITY_MONKEY_GOOGLE_AUTH_ENDPOINT', '') GOOGLE_SECRET = os.getenv('SECURITY_MONKEY_GOOGLE_SECRET', '') -GOOGLE_HOSTED_DOMAIN = os.getenv('SECURITY_MONKEY_GOOGLE_HOSTED_DOMAIN', '') +GOOGLE_HOSTED_DOMAIN = os.getenv('SECURITY_MONKEY_GOOGLE_HOSTED_DOMAIN', '') # Verify that token issued by comes from domain ONELOGIN_APP_ID = '' # OneLogin App ID provider by your administrator ONELOGIN_EMAIL_FIELD = 'User.email' # SAML attribute used to provide email address