Settings

All settings live in danbyte/settings.py. Most are driven by env vars with sensible dev defaults.

Database (Postgres-only)

DATABASES["default"] = {
    "ENGINE":   "django.db.backends.postgresql",
    "NAME":     os.getenv("DB_NAME", "danbyte"),
    "USER":     os.getenv("DB_USER", "danbyte"),
    "PASSWORD": os.getenv("DB_PASSWORD", "danbyte"),
    "HOST":     os.getenv("DB_HOST", "127.0.0.1"),
    "PORT":     os.getenv("DB_PORT", "5432"),
}

SQLite is no longer supported. Postgres 15+ is required for the nulls_distinct=False unique constraint that makes the VRF model work.

CORS

CORS_ALLOWED_ORIGINS = os.getenv(
    "CORS_ALLOWED_ORIGINS", "http://localhost:3000"
).split(",")

DRF

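The default permission class is currently AllowAny to keep the MVP demo open, so any view that does not set its own permission classes accepts unauthenticated requests even though session and JWT authentication are configured. Tighten before any real deployment.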

REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": [
        "rest_framework.authentication.SessionAuthentication",
        "rest_framework_simplejwt.authentication.JWTAuthentication",
    ],
    "DEFAULT_PERMISSION_CLASSES": ["rest_framework.permissions.AllowAny"],
    "DEFAULT_PAGINATION_CLASS": "rest_framework.pagination.PageNumberPagination",
    "PAGE_SIZE": 50,
}

Static

STATICFILES_DIRS includes design/, so the mockup theme.js and tokens.css are served at /static/theme.js and /static/tokens.css — used by _shell.html.

Hosts

ALLOWED_HOSTS should be set in the systemd service env (already done for local + Netbird in services/danbyte-backend.service):

Environment=ALLOWED_HOSTS=localhost,127.0.0.1,<your-vpn-fqdn>,<your-vpn-ip>

Outbound requests (SSRF guard)

User-configured outbound URLs — webhooks, notification channels, and automation targets — are validated before each request: the host is resolved and rejected if it points at a loopback / RFC1918 / link-local / 169.254.0.0/16 (cloud metadata) / ULA / reserved address. This stops a tenant admin pointing a webhook at internal services and reading the response back.

If you need an internal target (e.g. an on-prem automation runner like the IaC runner), allow-list its address(es):

Environment=DANBYTE_SSRF_ALLOWLIST=192.168.0.0/24,10.1.2.3

Comma-separated CIDRs/IPs whose resolved addresses are permitted. Empty by default (all internal addresses blocked).
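
A sketch of the resolve-then-reject check described above, added here as an example and not Danbyte's own code. The function names and the injectable resolver parameter are assumptions made for illustration; only the allow-list format (comma-separated CIDRs/IPs) comes from this page.

```python
import ipaddress
import socket
from urllib.parse import urlsplit


def parse_allowlist(raw):
    """Parse a comma-separated CIDR/IP list (the DANBYTE_SSRF_ALLOWLIST format)."""
    return [ipaddress.ip_network(item.strip(), strict=False)
            for item in raw.split(",") if item.strip()]


def system_resolver(host, port):
    """Every address the host resolves to (A and AAAA records)."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def is_internal(ip):
    """Loopback, RFC1918/ULA, link-local (169.254.0.0/16, fe80::/10), reserved."""
    return ip.is_loopback or ip.is_private or ip.is_link_local or ip.is_reserved


def check_outbound_url(url, allowlist=(), resolver=system_resolver):
    """Return the vetted addresses; raise ValueError if any one is blocked."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("only http(s) URLs with a host are accepted")
    port = parts.port or (443 if parts.scheme == "https" else 80)
    vetted = []
    for text in resolver(parts.hostname, port):
        ip = ipaddress.ip_address(text.split("%")[0])   # drop any IPv6 zone id
        mapped = getattr(ip, "ipv4_mapped", None)       # ::ffff:10.0.0.1 -> 10.0.0.1
        ip = mapped or ip
        if is_internal(ip) and not any(ip in net for net in allowlist):
            raise ValueError(f"{parts.hostname} resolves to blocked address {ip}")
        vetted.append(str(ip))
    if not vetted:
        raise ValueError(f"{parts.hostname} did not resolve")
    # Connect to these addresses rather than resolving again, so the answer
    # cannot change between the check and the request.
    return vetted
```

Every resolved address has to pass, so a hostname that returns one public and one internal record is rejected as a whole.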

Logging

Console logging is on by default (django at INFO, rq.worker at INFO). Suitable for journalctl --user -fu danbyte-backend.

Secrets

| Setting | Where it lives | Dev default | Prod |
| --- | --- | --- | --- |
| DJANGO_SECRET_KEY | env | dev-key-change-in-prod | env var, rotated |
| DB_PASSWORD | env | danbyte | env var, rotated |
| Email creds | DB (UI) or env | console backend | Settings → Email & Delivery (encrypted) |

The EMAIL_* env vars remain the fallback, but the SMTP server, credentials, and outbound-delivery options are normally configured at runtime under Settings → Email & Delivery (users.manage). They live in the deployment-wide singleton core.DeploymentSettings; the SMTP password is Fernet-encrypted at rest. See Notifications.

Monitoring

Settings for the Monitoring / check engine. All have working defaults, so the feature runs with none of them set.

| Setting | Default | Purpose |
| --- | --- | --- |
| MONITORING_SECRET_KEY | derived from SECRET_KEY | Encryption key for check credentials at rest (Fernet). Set a dedicated key in prod so rotating SECRET_KEY doesn't invalidate stored secrets. |
| MONITORING_SECRETS_BACKEND | empty (Fernet) | Dotted path to a factory returning a SecretsBackend. Swap in an external store (OpenBao/Vault) without touching models. |
| MONITORING_CONCURRENCY | 100 | Max concurrent check attempts in one worker job's asyncio loop. Raising it needs a matching LimitNOFILE bump on the worker unit. |
| MONITORING_GLOBAL_INTERVAL_SECONDS | 300 | Default schedule (seconds) for assignments in follow_global mode. |
| MONITORING_GLOBAL_ENABLED | True | Global on/off switch that follow_global assignments obey. |
| MONITORING_SHARD_SIZE | 2000 | Targets per ICMP multiping shard (one RQ job each). |
| MONITORING_GENERIC_SHARD_SIZE | 200 | Targets per TCP/HTTP/… shard. |
| MONITORING_INFLIGHT_DEADLINE_SECONDS | 600 | A check claimed (in_flight) longer than this is treated as orphaned by a dead/restarted worker and reclaimed by the dispatcher's reaper, so it re-runs instead of being stuck unknown. A healthy run clears in_flight within seconds. |
| MONITORING_EXEC_ENABLED | False | Master switch for exec (script/plugin) checks. Off by default — running local commands from the UI is privileged. Set True and MONITORING_PLUGIN_DIR to use them. See Script / exec checks. |
| MONITORING_PLUGIN_DIR | empty | Directory of trusted Nagios-style plugins. An exec check may only run a plugin (by bare name, no path traversal) inside this dir; args are passed without a shell. |
| MONITORING_WEBHOOK_TIMEOUT | 5 | Per-channel webhook POST timeout (seconds). |
| MONITORING_RESULT_RETENTION_DAYS | 90 | Delete CheckResult rows older than this (daily prune). |
| MONITORING_TRANSITION_RETENTION_DAYS | 365 | Delete StateTransition rows older than this. |