etc/master.config
# Copyright (C) 2019-2024 Marcus Rickert
#
# See https://github.com/marcus67/little_brother
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# This file contains a LittleBrother configuration for a master host.
[LittleBrother]
# Interval in seconds between applying the rules to the collected process statistics. Default: 5
check_interval=5
# Logging level of the application. Default: INFO
# Allowed values: DEBUG, INFO, WARNING, ERROR
#log_level=DEBUG
# Run the application in debugging mode. If active, any exception will print a
# stack trace and terminate the application. Do not activate in "production" mode.
# Default: False
#debug_mode=True
[RuleHandler]
# Set the number of minutes before logout that LittleBrother starts issuing notifications (every minute).
# Default to 5 minutes.
#warning_before_logout = 3
#[PrometheusClient]
# Activate the prometheus client by providing a port number. See https://github.com/prometheus/client_python
#port=8888
[AppControl]
# If active, the processes on the host will be checked. Use "False" if users
# do not log onto the master host. Default: True
scan_active=true
# Sets the number of days that user play statistics will be available in the frontend.
# Default: 7
#process_lookback_in_days = 14
# Sets the number of days that entries of entities 'process_info', 'admin_event' and 'rule_override' will be kept
# in the database. This number should always be at least one day larger than 'process_lookback_in_days'!
# Default: 180
#history_length_in_days = 30
# Sets the number of future days that user play time configuration will be available in the frontend.
# Default: 7
#admin_lookahead_in_days = 14
# Use this to replace the canonical hostname retrieved from the system. This hostname will occur in all statistics.
#hostname = MY.BEAUTIFIED.HOSTNAME
# Set the minimum duration in seconds that a process has to be active to be considered relevant "play time".
# Default: 60. Increase if there e.g. are short scheduled processes running on the hosts matching the patterns
# of "play" processes.
#min_activity_duration = 120
# Number of seconds before warnings are issued about missing connectivity (no successful send events from client to master)
# Defaults to 3 * DEFAULT_CHECK_INTERVAL.
#warning_time_without_send_events = 15
# Number of seconds before client terminates processes due to missing connectivity (no successful send events from client to master)
# Defaults to 10 * DEFAULT_CHECK_INTERVAL.
#maximum_time_without_send_events = 50
# Number of seconds to delay the kill process events so that messages are safely played back on the clients
# Defaults to 10 seconds
#kill_process_delay = 15
#[VersionChecker]
# Set the number days between version checks. A value of 0 deactivates the check.
#check_interval_in_days = 1
#[MasterConnector]
# Unique token that authorizes a client host with the master host. It has to match the
# corresponding entry on the client hosts.
#access_token=SOME_LONG_AND_SECRET_TOKEN
# Time in seconds that a client waits while sending data to the master before a timeout occurs. In a stable network
# this value can be set to a smaller value resulting in a decreased likelihood that the slave will "freeze" when the
# master has some transient trouble.
#request_timeout = 5
[ClientProcessHandler]
# Interval in seconds between two checks of the processes on a host. Default: 10
# Since reading the process table is often a time-consuming task it may be suitable to increase
# this value to about 20-60 seconds.
check_interval=10
# Activate the scanning of the binary path and the command line options (in addition to the name of the binary).
# Defaults to False
#scan_command_line_options=True
[ClientDeviceHandler]
# Interval in seconds between two pings to configured monitored devices. Default: 10
# Since pinging is often a time-consuming task it may be suitable to increase this value to about 30-60 seconds.
check_interval=30
# Path of the "ping" utility. Default: /bin/ping
#ping_command = /SOME/OTHER/PATH/PING
# Regular expression to extract the round trip time from a ping call. Use paranthethes to mark the actual time duration
# in milliseconds. Default: rtt min/avg/max/mdev = [\d\.]+/([\d\.]+)/[\d\.]+/[\d\.]+ ms
#ping_result_regex = SOME OTHER ELABORATE EXPRESSION
# Factor by which the value max_active_ping_delay is multiplied to compute the delay if no answer is received from
# the device. Defaults to 2
#inactive_factor = 3
[StatusServer]
# Set IP address that the webserver will listen to. Default: 0.0.0.0, hence it will listen to all local interfaces.
#host=localhost
# Set the port number, the webserver will listen to. Default: None, hence the webserver will not be started.
port=5555
# Set a unique secret which will be used to generate HTML cookies
app_secret=SOME_OTHER_LONG_AND_SECRET_TOKEN
# Set a prefix for all web pages of the application. Default: None, which implies no prefix at all
#base_url=/LittleBrother
[UnixUserHandler]
# Set the name of the administration user
admin_username=admin
# Set the password for the administration user
admin_password=test123
# Activate the following settings to configure the default route of the internet access. This will enable LittleBrother
# to use iptables to limit the internet access for client. See ADVANCED_TOPICS.md for detail.
#[FirewallHandler]
#target_ip[0] = 0.0.0.0
# Set the duration for which iptables entries are cached in the handler. Smaller values are more secure since the
# likelihood of a discrepancy between iptables and the cache becomes smaller, larger values improve performance.
#cache_ttl = 300
[DeviceActivationManager]
check_interval = 5
#[LdapUserHandler]
# Number of minutes that LDAP data is cached before re-reading
#cache_timeout_in_minutes = 1
# Name of the LDAP server. Defaults to 'localhost' (mandatory)
#ldap_host = some.other.host
# Port of the LDAP server. Defaults to 389 (mandatory)
#ldap_port = 389
# Distinguished name of a user permitted to read Posix users and groups in the LDAP directory (mandatory)
#ldap_bind_dn = cn=admin,dc=acme,dc=com
# Password of the user above (plain text, mandatory)
#ldap_bind_password = somesecret
# Distinguished name of the subtree containing Posix users and groups (mandatory). It is only used for groups
# if ldap_group_search_base_dn is not set!
#ldap_search_base_dn = dc=acme,dc=com
# Distinguished name of the subtree containing Posix groups (optional)
#ldap_group_search_base_dn = dc=acme,dc=com
# Name (cn) of the group containing all normal users to be offered for monitoring (optional)
#ldap_user_group_name = little-brother-users
# Name (cn) of the group containing all admin users to be offered for monitoring (mandatory)
#ldap_admin_group_name = little-brother-admins
# Name of the LDAP class to filter for when looking for users. Defaults to 'posixAccount'
#ldap_user_object_class = posixAccount
# Name of the LDAP class to filter for when looking for groups. Defaults to 'posixGroup'
#ldap_group_object_class = posixGroup
[Persistence]
# See http://docs.sqlalchemy.org/en/rel_0_9/dialects/mysql.html#module-sqlalchemy.dialects.mysql.pymysql
# Set the details and credentials for connecting to the backend database
# Set the name of the database driver. Default: mysql+pymysql
# For more information on how to configure the database driver see https://docs.sqlalchemy.org/en/13/core/engines.html
#
database_driver=sqlite
# Set the directory where the sqlite database will be placed. If empty it will be placed by the driver.
sqlite_dir=/var/spool/little-brother
# Set the filename for the sqlite database if the directory is set (see above).
sqlite_filename=little-brother.sqlite.db
# Set the name of the database host. Default: 'localhost'
#database_host = some.other.host
# Set the port number of the database running on the host above. Default: 3306 (for mysql)
# database_port = 3306
# Name of the database scheme used to create the tables for the application. Default: little_brother
#database_name = my_database
# Name of the database user accessing the scheme above (application user). Default: little_brother
#database_user = my_user
# Password of the user above. Default: None
#database_password = some_secret_password
# Set the name of the database admin with permission to create schemes and grant rights. Default: None
# Note that this name will usually be given as a command line option since it is only required during the
# initial startup for the creation of the scheme and not during normal operation.
#database_admin = some_admin_name
# Set the password of the database admin above with permission to create schemes and grant rights. Default: None
# Note that this name will usually be given as a command line option since it is only required during the
# initial startup for the creation of the scheme and not during normal operation.
#database_admin_password = some_secret_admin_password
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Note that the audio handling by the client process is obsolete. Use the little-brother-taskbar instead.
# See https://pypi.org/project/little-brother-taskbar/
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
#[AudioHandler]
# Set the volume of the audio output in percent. Default: None, hence no attempt will be made to change the setting.
#audio_mixer_volume=150
# Select the engine of the speech output.
# Permitted values:
# * google : Use the library 'python_google_speak' to generate the speech output. Note that this library requires an
# internet connection!
# * external : Use an external command to generate the speech output. See setting 'speech_generator_cmd_line'.
# The default value is None, which deactivates spoken notifications.
#speech_engine=google
# If true, the generated files will be cached in the spool directory (see below). Default: False
#cache_audio_files = True
# Set the speed of the speech generator in words per minutes. Default: 100
# speech_words_per_minute = 80
# Set the minimum waiting time in seconds before a spoken messages is repeated. Any request to issue the same messages
# before this time will be silently ignored. Default: 30
#mininum_waiting_time_before_repeat = 20 # seconds
# Set the directory where generated speech files will be cached. Default: /var/spool/little-brother
#spool_dir = "/tmp"
# Set the prefix of the filenames used for generated speech files. Default: little-brother-speech-
#audio_file_prefix = "my-prefix-"
# Set the path of the mixer tool. Default: /usr/bin/amixer
#audio_mixer_bin = '/bin/amixer'
# Set the default locale of the speech output if the monitored user does not have a locale configured. If both are unset
# the system default locale will be used. Default: None
#locale = de_DE
# Set the command line for the external speech generation tool.
# Default: /usr/bin/festival --tts --language american_english {inline}
# The command line may contain the following patterns will be replaced before its execution:
# * {infile} : name of a file containing the text to be spoken
# * {text}: text to be spoken
#speech_generator_cmd_line =
# Set the audio engine playing generated MPEG files.
# Available options:
# 'playsound': use library 'playsound' (default, see https://pypi.org/project/playsound/)
# 'pyglet': use library 'pyglet' (see https://pyglet.readthedocs.io/en/stable/)
# 'mpg123': use external binary 'mpg123'
#audio_player=mpg123
# Command line of the mpg123 binary. Defaults to '/usr/bin/mpg123'
#mpg123_binary=