EN | DE
Monitoring v2 Documentation

Configuration of the Bloonix-WebGUI

The configuration of the Bloonix WebGUI is in the file /etc/bloonix/webgui/main.conf.

Parameter: app_name

Default: not set

This parameter is required by the MVC framework bloonix.heaven to find the path to the application. This parameter should not be changed unless you know what you are doing.

Parameter: user, group

Default: bloonix

By default, the Bloonix WebGUI runs under the user and group bloonix.

Section: app

In this section the parameters for interaction with the browser and the WebGUI are set.

Parameter session_expire_time

Default: 3h

After what time should the session of a logged in user automatically expire.

Parameter: session_refresh_time

Default: 10m

The duration of a session is not renewed with every HTTP request. Here you can specify after what time the duration should be renewed.

Parameter: cookie_secure

Default: True

Should the attribute Secure be set for session cookies.

Parameter: cookie_http_only

Should the attribute HttpOnly be set for session cookies.

Parameter: add_header

Default: not set

HTTP headers can be set here, e.g.:

add_header X-Content-Type-Options nosniff
add_header Strict-Transport-Security max-age=63072000
add_header X-Frame-Options SAMEORIGIN
add_header Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; img-src 'self' data:;

login_logger

Default: not set

Incorrect logins are logged. If you would like to be informed by email that an incorrect login has occurred, you can set the sender and recipient here.

2fa_mail_from + 2fa_command

Important Notice: Only one of the two parameters can be set in the configuration. If both parameters are set, the WebGUI can no longer be started and an error is produced.

2fa_mail_from

Default: not set

The WebGUI supports two-factor authentication via email (/usr/sbin/sendmail). It may be necessary to enter a valid sender address here so that the sending works correctly. The recipient address is entered in the user management in the WebGUI. Please do not forget to set up the MTA correctly.

2fa_command

Default: not set

In addition to the parameter 2fa_mail_from, it is possible to use your own script for two-factor authentication. This would give you the option of connecting any 2FA service. Let’s take the following configuration as an example:

2fa_command /usr/local/bin/my-2fa-script

After restarting the WebGUI, the parameter is active. The recipient address is entered in the user management in the WebGUI. The next time you log in, the script is called with the following parameters:

/usr/local/bin/my-2fa-script <<EOT
{
    "2fa_code": $code,
    "2fa_addr": $address,
    "username": $username,
    "name": $name,
    "language": $language
}
EOT

The data of the user who wants to log in is passed to the STDIN of the script together with the auth code in JSON format. You can now manage the sending of the auth code to the user in the script itself.

Parameter: bloonix_max_services

Default: 0

This defines the maximum number of services that can be set up. 0 means unlimited.

Parameter: bloonix_max_wtrm_services

Default: 0

This defines the maximum number of WTRM type services that can be set up. 0 means unlimited.

Default: not set

With this option, various system settings in the WebGUI can be restricted to the user admin only. Possible values are

  • event_history
  • stat_history
  • result_history
  • notification_history
  • user_tracking_history

Section: logger

Logging is defined in the logger section.

The following levels are available:

  • emergency
  • alert
  • critical
  • error,
  • warning
  • notice
  • info
  • debug

The following patterns are available:

%L   Log level
%T   Timestamp
%P   PID
%H   Hostname
%U   User name
%G   Group name
%N   Newline
%S   Program name
%C   Caller - filename and line number
%r   Runtime in seconds since program start
%t   Time measurement - the time since the last call of log()
%m   Message

Section: model

Access to the database and datastore is configured in these sections. Only the metrics are located in the datastore.

Section: db, ds

Parameter: host

Parameter: port

Parameter: database

Parameter: user, password

It is recommended to save the configuration in the files provided for it, since other tools besides the Bloonix server also access the configuration files, such as the backup script for the datastore or the importer for plugins.

  • /etc/bloonix/database/main.conf
  • /etc/bloonix/datastore/main.conf

Both files are then included in the configuration of the Bloonix server.