misp-docker/template.env

##
# Build-time variables
##

CORE_TAG=v2.4.192
MODULES_TAG=v2.4.188
PHP_VER=20190902
LIBFAUP_COMMIT=3a26d0a

# PYPY_* vars take precedence over MISP's
# PYPI_REDIS_VERSION="==5.0.*"
# PYPI_LIEF_VERSION=">=0.13.1"
# PYPI_PYDEEP2_VERSION="==0.5.*"
# PYPI_PYTHON_MAGIC_VERSION="==0.4.*"
# PYPI_MISP_LIB_STIX2_VERSION="==3.0.*"
# PYPI_MAEC_VERSION="==4.1.*"
# PYPI_MIXBOX_VERSION="==1.0.*"
# PYPI_CYBOX_VERSION="==2.1.*"
# PYPI_PYMISP_VERSION="==2.4.178"

# CORE_COMMIT takes precedence over CORE_TAG
# CORE_COMMIT=c56d537
# MODULES_COMMIT takes precedence over MODULES_TAG
# MODULES_COMMIT=de69ae3

##
# Run-time variables
##

# Email/username for user #1, defaults to MISP's default (admin@admin.test)
ADMIN_EMAIL=
# name of org #1, default to MISP's default (ORGNAME)
ADMIN_ORG=
# defaults to an automatically generated one
ADMIN_KEY=
# defaults to MISP's default (admin)
ADMIN_PASSWORD=
# defaults to 'passphrase'
GPG_PASSPHRASE=
# defaults to 1 (the admin user)
CRON_USER_ID=
# defaults to 'https://localhost'
BASE_URL=

# optional and used by the mail sub-system
SMARTHOST_ADDRESS=
SMARTHOST_PORT=
SMARTHOST_USER=
SMARTHOST_PASSWORD=
SMARTHOST_ALIASES=

# optional comma separated list of IDs of syncservers (e.g. SYNCSERVERS=1)
# For this to work ADMIN_KEY must be set, or AUTOGEN_ADMIN_KEY must be true (default)
SYNCSERVERS=
# note: if you have more than one syncserver, you need to update docker-compose.yml
SYNCSERVERS_1_URL=
SYNCSERVERS_1_NAME=
SYNCSERVERS_1_UUID=
SYNCSERVERS_1_KEY=

# optional and used to set mysql db and credentials
# MYSQL_HOST=
# MYSQL_PORT=
# MYSQL_USER=
# MYSQL_PASSWORD=
# MYSQL_ROOT_PASSWORD=
# MYSQL_DATABASE=

# These variables allows overriding some MISP email values.
# They all default to ADMIN_EMAIL.

# MISP.email, used for notifications. Also used
# for GnuPG.email and GPG autogeneration.
# MISP_EMAIL=

# MISP.contact, the e-mail address that
# MISP should include as a contact address
# for the instance's support team.
# MISP_CONTACT=

# Enable GPG autogeneration (default true)
# AUTOCONF_GPG=true

# Enable admin (user #1) API key autogeneration
# if ADMIN_KEY is not set above (default true)
# AUTOGEN_ADMIN_KEY=true

# Disable IPv6 completely
# DISABLE_IPV6=true

# Disable SSL redirect
# DISABLE_SSL_REDIRECT=true

# Enable OIDC authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/OidcAuth/README.md
# OIDC_ENABLE=true
# OIDC_PROVIDER_URL=
# OIDC_CLIENT_ID=
# OIDC_CLIENT_SECRET=
# OIDC_ROLES_PROPERTY="roles"
# OIDC_ROLES_MAPPING="{\"admin\": \"1\"}"
# OIDC_DEFAULT_ORG=

# Enable LDAP (using the ApacheSecureAuth component) authentication, according to https://github.com/MISP/MISP/issues/6189
# NOTE: Once you enable LDAP authentication with the ApacheSecureAuth component, users should not be able to control the HTTP header configured in LDAP_APACHE_ENV (e.g. REMOTE_USER).
#       This means you must not allow direct access to MISP.
# LDAP_ENABLE=true
# LDAP_APACHE_ENV="REMOTE_USER"
# LDAP_SERVER="ldap://your_domain_controller"
# LDAP_STARTTLS=true
# LDAP_READER_USER="CN=service_account_name,OU=Users,DC=domain,DC=net"
# LDAP_READER_PASSWORD="password"
# LDAP_DN="OU=Users,DC=domain,DC=net"
# LDAP_SEARCH_FILTER=""
# LDAP_SEARCH_ATTRIBUTE="uid"
# LDAP_FILTER="[\"mail\", \"uid\", \"cn\" ]"
# LDAP_DEFAULT_ROLE_ID="3"
# LDAP_DEFAULT_ORG="1"
# LDAP_EMAIL_FIELD="[\"mail\"]"
# LDAP_OPT_PROTOCOL_VERSION="3"
# LDAP_OPT_NETWORK_TIMEOUT="-1"
# LDAP_OPT_REFERRALS=false

# Enable Azure AD (Entra) authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/AadAuth/README.md
# AAD_ENABLE=true
# AAD_CLIENT_ID=
# AAD_TENANT_ID=
# AAD_CLIENT_SECRET=
# AAD_REDIRECT_URI="https://misp.mydomain.com/users/login"
# AAD_PROVIDER="https://login.microsoftonline.com/"
# AAD_PROVIDER_USER="https://graph.microsoft.com/"
# AAD_MISP_USER="Misp Users"
# AAD_MISP_ORGADMIN="Misp Org Admins"
# AAD_MISP_SITEADMIN="Misp Site Admins"
# AAD_CHECK_GROUPS=false