"The smtp server for sending email alerts.")
config_lib.DEFINE_integer("Worker.smtp_port", 25, "The smtp server port.")
config_lib.DEFINE_bool("Worker.smtp_starttls", False,
"Enable TLS for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_user", None,
"Username for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_password", None,
"Password for the smtp connection.")
# Server Cryptographic settings.
config_lib.DEFINE_semantic_value(
rdf_crypto.RSAPrivateKey,
"PrivateKeys.ca_key",
help="CA private key. Used to sign for client enrollment.")
config_lib.DEFINE_semantic_value(
rdf_crypto.RSAPrivateKey,
"PrivateKeys.server_key",
help="Private key for the front end server.")
config_lib.DEFINE_integer("Server.rsa_key_length", 2048,
"The length of the server rsa key in bits.")
config_lib.DEFINE_semantic_value(
rdf_crypto.RDFX509Cert,
"Frontend.certificate",
help="An X509 certificate for the frontend server.")
"The smtp server for sending email alerts.")
config_lib.DEFINE_integer("Worker.smtp_port", 25, "The smtp server port.")
config_lib.DEFINE_bool("Worker.smtp_starttls", False,
"Enable TLS for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_user", None,
"Username for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_password", None,
"Password for the smtp connection.")
# Server Cryptographic settings.
config_lib.DEFINE_semantic_value(
rdf_crypto.RSAPrivateKey,
"PrivateKeys.ca_key",
help="CA private key. Used to sign for client enrollment.")
config_lib.DEFINE_semantic_value(rdf_crypto.RSAPrivateKey,
"PrivateKeys.server_key",
help="Private key for the front end server.")
config_lib.DEFINE_integer("Server.rsa_key_length", 2048,
"The length of the server rsa key in bits.")
config_lib.DEFINE_semantic_value(
rdf_crypto.RDFX509Cert,
"Frontend.certificate",
help="An X509 certificate for the frontend server.")
config_lib.DEFINE_bool("Cron.active", False,
config_lib.DEFINE_string("BigQuery.service_acct_json", None,
"The json contents of the service account file.")
config_lib.DEFINE_string("BigQuery.project_id", None,
"The BigQuery project_id.")
config_lib.DEFINE_string("BigQuery.dataset_id", "grr",
"The BigQuery project_id.")
config_lib.DEFINE_integer("BigQuery.max_file_post_size", 5 * 1000 * 1000,
"Max size of file to put in each POST "
"to bigquery. Note enforcement is not exact.")
config_lib.DEFINE_integer("BigQuery.retry_max_attempts", 2,
"Total number of times to retry an upload.")
config_lib.DEFINE_integer("BigQuery.max_upload_failures", 100,
"Total number of times to try uploading to BigQuery"
" for a given hunt or flow.")
config_lib.DEFINE_semantic_value(rdfvalue.DurationSeconds,
"BigQuery.retry_interval", "2s",
"Time to wait before first retry.")
config_lib.DEFINE_integer("BigQuery.retry_multiplier", 2,
"For each retry, multiply last delay by this value.")
config_lib.DEFINE_integer_list("BigQuery.retry_status_codes",
[404, 500, 502, 503, 504],
"HTTP status codes on which we should retry.")
default="grrbigtable",
help="The cloud bigtable instance ID.")
config_lib.DEFINE_string(
"CloudBigtable.test_project_id",
default=None,
help="Set this to run the cloud bigtable tests. Note that billing applies! "
"Always check your project has deleted the test instances correctly after "
"running these tests.")
config_lib.DEFINE_string("CloudBigtable.instance_name",
default="grrbigtable",
help="The cloud bigtable instance ID.")
config_lib.DEFINE_semantic_value(rdfvalue.Duration,
"CloudBigtable.retry_interval", "1s",
"Time to wait before first retry.")
config_lib.DEFINE_integer(
"CloudBigtable.retry_max_attempts",
default=5,
help="Maximum number of retries on RPC before we give up.")
config_lib.DEFINE_integer(
"CloudBigtable.retry_multiplier", 2,
"For each retry, multiply last delay by this value.")
config_lib.DEFINE_string("CloudBigtable.table_name",
default="grrbigtable",
help="The cloud bigtable table name.")
"The smtp server for sending email alerts.")
config_lib.DEFINE_integer("Worker.smtp_port", 25, "The smtp server port.")
config_lib.DEFINE_bool("Worker.smtp_starttls", False,
"Enable TLS for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_user", None,
"Username for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_password", None,
"Password for the smtp connection.")
# Server Cryptographic settings.
config_lib.DEFINE_semantic_value(
rdf_crypto.RSAPrivateKey,
"PrivateKeys.ca_key",
help="CA private key. Used to sign for client enrollment.")
config_lib.DEFINE_semantic_value(
rdf_crypto.RSAPrivateKey,
"PrivateKeys.server_key",
help="Private key for the front end server.")
config_lib.DEFINE_integer("Server.rsa_key_length", 2048,
"The length of the server rsa key in bits.")
config_lib.DEFINE_semantic_value(
rdf_crypto.RDFX509Cert,
"Frontend.certificate",
help="An X509 certificate for the frontend server.")
config_lib.DEFINE_string(
"Client.config_hive",
"HKEY_LOCAL_MACHINE",
help="The registry hive where the client "
"configuration will be stored.")
config_lib.DEFINE_string(
"Client.config_key",
r"Software\\%(Client.name)",
help="The registry key where client configuration "
"will be stored.")
# Client Cryptographic options. Here we define defaults for key values.
config_lib.DEFINE_semantic_value(
rdf_crypto.RSAPrivateKey,
"Client.private_key",
help="Client private key in pem format. If not provided this "
"will be generated by the enrollment process.",
)
config_lib.DEFINE_semantic_value(
rdf_crypto.RDFX509Cert,
"CA.certificate",
help="Trusted CA certificate in X509 pem format",
)
config_lib.DEFINE_semantic_value(
rdf_crypto.RSAPublicKey,
"Client.executable_signing_public_key",
help="public key for verifying executable signing.")
config_lib.DEFINE_semantic_value(
#!/usr/bin/env python
"""API config options."""
from grr_response_core.lib import config_lib
from grr_response_core.lib import rdfvalue
config_lib.DEFINE_integer(
"API.DailyFlowRequestLimit", "10",
"Number of flows a user can run on a single client "
"per day before being blocked by throttling. Set to "
"0 to disable checking.")
config_lib.DEFINE_semantic_value(
rdfvalue.Duration,
"API.FlowDuplicateInterval",
default="1200s",
description="Amount of time "
"that needs to pass before the throttler will allow "
"an identical flow to run on the same client. Set "
"to 0s to disable checking.")
config_lib.DEFINE_string(
"API.RouterACLConfigFile", "", "The file containing API acls, see "
"grr/config/api_acls.yaml for an example.")
config_lib.DEFINE_string(
"API.DefaultRouter", "DisabledApiCallRouter",
"The default router used by the API if there are no "
"rules defined in API.RouterACLConfigFile or if none "
"of these rules matches.")
