Home Index
The Configuration File.
The configuration file is a file containing a JSON object. Networkmaps expects the configuration file to be located in /etc/networkmaps.
A basic configuration file will look like this: 
{
    "socket": {
        "address": "<ip>",
        "port": <port>
    },
    "sendmail": {
        "server": "<smtp_server>",
        "port": <smtp_port>,
        "is_secured": <smtp_is_secured>,
        "user": "<smtp_user>",
        "password": "<smtp_password>",
        "from": "<email_from>"
    }
}
In the following list you can find the different options you can configure in the configuration file:
  • socket: on this section, you have to specify where is the server going to be listening (ip address and port):
    • address: IP address on which the server will be listening. Defaults to "localhost"
    • port: tcp port where the server will be listening. Defaults to 3000
    • cert: if use_ssl_socket is set to true, this is where we define the path to the certificate to be used by the socket for SSL/TLS
    • key: if use_ssl_socket is set to true, this is where we define the path to the key of the certificate to be used by the socket for SSL/TLS
  • server: on this section, we define where clients will be accessing the server (hostname and port
    • hostname: string defining the FQDN used by clients to connect to the application. By default, it will take same value as address in socket
    • port: port where clients will be connecting. By default, it will take the same value as port in socket
    • use_client: boolean. If true, the browser will use the url the client typed to access the server. Defaults to false
  • use_ssl_socket: boolean (true/false) defining if the socket will use https protocol or http. Default is false (http)
  • use_ssl: boolean that tells the application if the clients are going to connect to the server using https or http. use_ssl and use_ssl_socket are usually the same, but in case there is an external system doing ssl offload for the server, it might happen that use_ssl is true and use_ssl_socket is false. By default, it is false.
  • serve_static_locally: boolean telling the application if it has to serve static content (anything below the html directory) or if this content will be served by an external server. By default, it will be true (serve static content). If set to false, you have to tell the application where clients will find this content under the staticserver section.
  • staticserver: on this section, we define where clients will be connecting to get static content (css, images, js files, ...). If serve_static_locally is set to true this section will be the same as server section. But if we want static content to be served by a different server, we can define here where clients will find it. Static content is anything under the directory html.
    • hostname: string defining the FQDN used by clients to get static content. By default, it will take same value as hostname in server
    • port: port where clients will be connecting to get static content. By default, it will take the same value as port in server
    • use_client: the browser will use the url the client typed to access the server. By default, it will take the same value as use_client in server
  • timers: on this sections, we will define some timers used by the application.
    • usertimeout: timeout in seconds to do some housekeeping on the user database (removing old pasword reset requests, removing old sessions, users not validated, ..). Defaults to 3600
    • usersavetimeout: timeout in seconds to save the user database to disk. Networkmaps keeps the whole user database in memory and it saves it to disk when this timeout runs. Defaults to 300
    • savediagram: timeout in seconds defining when a diagram is saved to disk. When a user connects to a diagram, Networkmaps loads it to memory. The diagram is saved to disk when either this timeout runs or when the last user closes the diagram. Default is 300.
    • ldap_grouprefresh: how often do we update the cached ldap group members (in case of ldap authentication). Default is 600.
  • users: section used to define where the user database will be stored.
    • path: directory where user database will be stored. Default is "/var/lib/networkmaps/users". This directory must exist
    • authentication: defines what authentication server NetworkMaps uses. Defaults to local. Options are:
      • local: NetworkMaps manages the users and passwords by itself
      • ldap: NetworkMaps uses an LDAP server for authentication. LDAP server settings can be found on the ldap section.
      • openid: NetworkMaps uses a OpenID to authenticate users to an IAM server. Settings will be found under the openid section.
    • register_self: boolean (true or false) indicating if users are allowed to register themselves. Default is true.
    • admin_username: admin user name to access the admin endpoint. By default: admin
    • admin_password: password of admin user. By default: null (not allowing admin user to log in).
    • allowed_domains: list of strings where each string is a domain for which all users can authenticate. Default is [] (meaning any domain is allowed).
    • ldap: Section containing ldap server settings:
      • host: ip or name of the LDAP server.
      • port: port where ldap server is listening.
      • is_secured: boolean indicating if the connection to the server has to be done using ldaps or ldap.
      • verify_cert: if ldaps (is_secure = true), do we check the certificate? Default is true.
      • bind_required: if the LDAP server requires an authenticated user to do searches, this should be true.
      • search_dn: is bind_required, dn of the user used to do searches on LDAP.
      • search_password: password of search_dn.
      • base_dn: base dn where users and groups will be searched in the LDAP server.
      • objectclass_user: what object class identifies a user? Defaults to "inetOrgPerson".
      • allowed_groups_dn: this is a list of group dns indicating the groups that are allowed to login into NetworkMaps. If the list is empty, all users on the ldap server are allowed.
      • group_recursion: number. Defaults to 0. If a group can have groups inside, this tells NetworkMaps how many levels of groups it can descent to look at what users are members of these groups.
      • email_attribute. NetworkMaps authenticates users by email address. This parameter tells NetworkMaps on which attribute to look for the email address of a user on the LDAP server. Defaults to "mail".
      • name_attribute: LDAP attribute used by NetworkMaps as the name of users. Defaults to "givenName".
      • lastname_attribute: LDAP attribute used by NetworkMaps as the last name of users. Defaults to "sn".
      • member_attribute: LDAP group attribute used by NetworkMaps to identify users belonging to this group. Defaults to "member".
    • openid: Section containing openid server settings:
      • client_id: client id provided by the IAM.
      • auth_server_url: base url of the IAM to authenticate users.
      • secret: (optional) secret shared between the IAM and NetworkMaps.
  • diagrams: section used to define where the diagrams will be stored.
    • path: directory where diagrams will be stored. Each diagram is stored here on a JSON file. Default is "/var/lib/networkmaps/diagrams". This directory must exist.
    • shapes: directory where custom shape groups will be stored. Default is "/var/lib/networkmaps/shapes". This directory must exist.
  • sendmail: section where we define how emails are sent and where they are stored. Networkmaps ("server.js" file) doesn't send emails by itself. Instead, it stored emails on a folder and let other process send it ("smtp_daemon.js"). On this section, we define how they interact.
    • queue: directory where email will be stored before smtp_daemon sends them. Defaults to "/var/lib/networkmaps/sendmail/queue"
    • sent: directory where emails will be moved once smtp_daemon has sent them. Defaults to "/var/lib/networkmaps/sendmail/sent"
    • server: smtp server used to send email.
    • port: port where smtp server listens.
    • is_secured: boolean defining is the smtp server uses TLS.
    • verify_ssl_cert: boolean indicating if, when connecting to the smtp relay server, we will verify the ssl certificate of it.
    • user: user to authenticate to smtp server.
    • password: password to authenticate to smtp server.
    • from: email address used on from field of emails. Default to NetworMaps.org <noreply@admin.networkmaps.org>
  • google_analytics_tag: string with google analytics tag for tracking user activity. If empty, no tracking will be done.