Web Portal Settings¶
This chapter lists and describes the available configuration options for the TeamDrive Web Portal.
You can review and modify most of these via the TeamDrive Web Portal Admin Console by clicking Settings. Some settings are marked as read-only (“R/O”), they can not be changed.
The settings are grouped into sections:
Admin Console¶
ExtAuthEnabled¶
Set this value to True
to enable External Authentication. See
Administrator Login using External Authentication for details.
ExtAuthURL¶
This is the URL that is used by the Web Portal to verify the login of an Administrator, when using External Authentication. See Administrator Login using External Authentication for details.
Language¶
This is the default language used by the Web Portal Admin Console.
UseTwoFactorAuth¶
Set to True
to enable two-factor authentication for Superusers.
Note that this setting only applies to the user of the Web Portal Admin Console. The setting has nothing to do with the use of two-facter authentication used by the users of the portal. This is described in the section: How to Enable Two-Factor Authentication.
Authentication¶
AuthLoginPageURL¶
This is URL of the login page which is used to login using the external Authentication Service. See Configuring Active Directory / LDAP Authentication Services for details.
When AuthServiceEnabled
is True
, the Web Portal login page:
https://webportal.yourdomain.com/portal/login.html
, redirects
to the page specified by this setting.
If AuthServiceEnabled
is True
, but this setting has no
value, then the Portal Login page provided by the Registration
Server (version 3.6 or later) is used by default.
The Registration Server Portal Login page also allows the
use of Two-factor authentication using the Google Authentication
App. In this case, Two-factor authentication can be setup using
the page: https://webportal.yourdomain.com/portal/setup-2fa.html
,
which redirects to the web-page that provides this service
on the Registration Server.
The Registration Server Portal pages are customisable using the templates provided. Details are available in the Registration Server documentation.
AuthServiceEnabled¶
Set this value to True
to enable an Authentication Service for the
TeamDrive users. This means that the users that access the Web
Portal are required to login using an external login page. See
Configuring Active Directory / LDAP Authentication Services for details.
When RegistrationEnabled
is set to True
, you must ensure
that AuthLoginPageURL
(see AuthLoginPageURL) is
set correctly.
In order to permit user registration via an Authentication Service
you must also set RegistrationEnabled
to True
(see RegistrationEnabled). In this case, you must also
set RegistrationURL
(see RegistrationURL) correctly.
AuthTokenVerifyURL¶
This URL is used to verify the token returned by the Authentication Service after success login by a TeamDrive user. See Configuring Active Directory / LDAP Authentication Services for details.
BY default, this setting is set to the Web Portal verification URL:
https://webportal.yourdomain.com/portal/verify.html
LicenseBuyURL¶
This URL will be displayed for a user, if LicenseProfessionalRequired is set and the user has no professional license.
LicenseProfessionalRequired¶
Login at the Web Portal requires a professional license for the user.
Docker Settings¶
ContainerImage¶
This is the name of the image that must be used when creating a new container. See Upgrading the Docker Container Image for details.
Note that if the MinimumAgentVersion
specifies a TeamDrive agent
version that is higher than the version of the Agent specified
by ContainerImage
, then the container image used will be
determined by MinimumAgentVersion
.
ContainerRoot¶
This is the absolute path that reference the directory in which all containers will create the user data.
ContainerStorageTimeout¶
This is the time, in minutes, that an container must be idle before its storage is removed. Zero means that the container storage is never deleted. See Upgrading the Docker Container Image for details.
DockerHost¶
This is the host name and port of the Docker daemon which runs the containers. See Installing Docker for details.
IdleContainerTimeout¶
This is the time, in seconds, that a container must be idle before it is removed. Zero means that containers are never removed. See Upgrading the Docker Container Image for details.
MinDockerDataSpaceAvailable¶
A minimum value in GB for the available docker data space on the storage (see https://docs.docker.com/engine/userguide/storagedriver/device-mapper-driver/#/configure-docker-with-devicemapper) If the minimum value is reached, no more docker container for new users will be created. Set to 0 to disable checking the available docker data space.
MinDockerMetaDataSpaceAvailable¶
A minimum value in GB for the available docker meta data space on the storage (see https://docs.docker.com/engine/userguide/storagedriver/device-mapper-driver/#/configure-docker-with-devicemapper) If the minimum value is reached, no more docker container for new users will be created. Set to 0 to disable checking the available docker meta data space.
MinimumAgentVersion¶
This setting is specifies the minimum TeamDrive Agent version that is
required by the Web Portal. The setting may not be modified. If The
current image used by containers has a Agent version that is earlier
than MinimumAgentVersion
, then upgrade of the containers will be
forced by the Web Portal. This means that users may experience a
spontaneous logout.
Following upgrade, ContainerImage
will be set to the required
image.
MaxActiveContainer¶
A parameter to limit the currently active users. Set to 0 to disable the limitation.
OldImageRemovalTime¶
Use this setting to specify when containers with old images should be
removed. You can set it to “now”, to remove the containers immediately, if
set to “never”, then containers are only removed if the OldImageTimeout
is
exceeded. This value can also be set to a time (e.g. 03:00, format: hh:mm),
or a date (format YYYY-MM-DD hh:mm). Note, if RemoveOldImages is False
,
this setting is ignored. See Upgrading the Docker Container Image for details.
OldImageTimeout¶
This is the time, in seconds, that a container with an old image must be
idle before it is removed. Zero means the container is removed, even if
it is running. Note, if RemoveOldImages
is False
, this setting is ignored.
See Upgrading the Docker Container Image for details.
RemoveOldImages¶
Set to True
if containers running an old image (i.e. not equal to
ContainerImage) should be removed. See Upgrading the Docker Container Image for
details.
Email Settings¶
EmailOriginHost¶
Specify the domain of the origin host, for emails sent by the server. See Enabling Two-Factor Authentication for Administrators for details.
EmailSendTimeout¶
Timeout in seconds, when sending an email. See Enabling Two-Factor Authentication for Administrators for details.
EmailReplyToAddress¶
This is the email address that will appear in the Reply-To header of the email, and will be used by the email client if the user attempts to reply to emails sent by the Web Portal. See Enabling Two-Factor Authentication for Administrators for details.
EmailSenderAddress¶
The email address of the sender. This address is not directly visible to the email receiver. If an email bounces, a message will be sent to this address. See Enabling Two-Factor Authentication for Administrators for details.
EmailSettingsToConfirm¶
A hash of the email settings that need to be confirmed before saving. See Enabling Two-Factor Authentication for Administrators for details.
SMTPServerHost¶
Domain name (and port) of the SMTP server used to send emails. See Enabling Two-Factor Authentication for Administrators for details.
General Settings¶
AllowedProviders¶
This is a list of Provider codes of the users that may login to the Portal. If empty, any user may login to the Portal.
Note
Changes to the list will not be recognized by running container instances. You have to stop all running instances manually.
ForceHTTPSUsage¶
Set to True
if the Web Portal Admin Console must be accessed using
HTTPS.
MaxRecordsDisplayed¶
This setting determines the maximum number of records that may be retrieved from the database at any time. This parameter may only be changed by a Superuser.
RegAPIChecksumSalt¶
This is the Registration Server API salt. It is required to authorise access to the Registration Server’s API. See Activating the Web Portal for details.
Before you can change``RegAPIChecksumSalt`` you may have to set
RegServerHost
to blank (the empty string), if it references a
server that does not math the new RegAPIChecksumSalt
value.
After changing RegAPIChecksumSalt
you can then set RegServerHost
correctly.
RegistrationEnabled¶
Set to True
in order to allow users to register directly From
the Web Portal. By default this value is set to False
.
The setting RegistrationURL
(see RegistrationURL) specifies the
URL that provides the registration page.
When RegistrationEnabled
is set to True
there are 2 possibilities,
depending on whether AuthServiceEnabled
(AuthServiceEnabled) is
set to True
or False
.
If AuthServiceEnabled
is True
, then registration uses the external
Authentication Service mechanism which results in the user being logged-in,
immediately after registration.
When AuthServiceEnabled
is True
, it is possible to use the
customisable registration page provided by the Registration Server
(version 3.6 or later). In this case ``RegistrationURL``must not be set
(see RegistrationURL) .
If AuthServiceEnabled
is False
, then the TeamDrive Agent Web-GUI
provides a “Register Now” button which references this page specified by
RegistrationURL
, in the login dialog.
In this case, the page referenced by RegistrationURL
is a custom
developed web-page which performs registration using the Registration
Server API and then redirects to the Web Portal login page:
https://webportal.yourdomain.com/portal/login.html
.
RegistrationURL¶
This URL references a Web-page where a user can register as a TeamDrive user. Alternatively, if an external Authentication Service is being used this page allows users to register with this service.
This page will only be used of RegistrationEnabled
is set to True
.
The Web Portal register page:
https://webportal.yourdomain.com/portal/register.html
, automatically
redirects to the page.
If RegistrationEnabled
is True
, but this setting has no
value, then the Portal Registration page provided by the Registration
Server (version 3.6 or later) is used by default. In this case,
AuthServiceEnabled
(see AuthServiceEnabled) must be set to True
.
If RegistrationEnabled
is True
and AuthServiceEnabled
is False
then this setting must reference a custom developed web-page which performs
registration using the Registration Server API and then redirects to the
Web Portal login page:
https://webportal.yourdomain.com/portal/login.html
.
RegServerHost¶
This is the domain name of the Registration Server. See Activating the Web Portal for details.
Before you can set RegServerHost
you may have to set
RegAPIChecksumSalt
to blank (the empty string) if the current
value of RegAPIChecksumSalt
does not match the Registration
Server.
After changing RegServerHost
you can then set RegAPIChecksumSalt
correctly. This is necessary because the Web Portal will
attempt to verify the Registration Server connection and will fail
if RegAPIChecksumSalt
is set to an incorrect value.
ServerRoot¶
The installation directory of the Web Portal application.
SessionTimeout¶
This is the idle time in seconds after which you are required to login to the Web Portal Admin Console again.
WebPortalDomain¶
This is the domain name (or URL) of this service.
WebPortalName¶
This name of this service. The name is displayed in the Web Portal Admin Console. The default value is the domain name of the service. The name is used for display purposes only, and may be set to any value.
Outgoing Connections¶
UseProxy¶
Set this value to True
in order to enable this of a proxy for all
outgoing connections of the Web Portal, and the TeamDrive Agent running
in the Docker environment.
ProxyHost¶
This is the domain name (or IP address) and port number of the proxy to
be used for outgoing connections. If not set, the UseProxy
setting
will be ignored.
Note that this setting is used for both HTTP and HTTPS proxies.
NoProxyList¶
This is a comma separated list of domains and IP addresses that must be do not use of the proxy during connection.
ConnectionTimeout¶
The timeout in milliseconds when making outbound connections. The default is 30 seconds.