"""
Configuration settings for GhostSec application.
"""
import os
from datetime import timedelta
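class Config:
    """Base configuration shared by every environment.

    Environment variables are read once, when the class body is evaluated at
    import time. The environment-specific subclasses override individual
    settings.
    """

    # Flask signs session cookies with SECRET_KEY. The fallback used to be a
    # fixed string visible in this file, so a deployment started without
    # SECRET_KEY signed its sessions with a publicly known key. The fallback is
    # now random per process: without SECRET_KEY set, sessions stop validating
    # after a restart and are not shared between worker processes.
    SECRET_KEY = os.environ.get('SECRET_KEY') or os.urandom(32).hex()
    SQLALCHEMY_TRACK_MODIFICATIONS = False
    SQLALCHEMY_DATABASE_URI = os.environ.get('DATABASE_URL') or 'sqlite:///ghostsec.db'

    # Security settings: cookies are sent over HTTPS only and are hidden from
    # client-side script; DevelopmentConfig relaxes the Secure flag.
    SESSION_COOKIE_SECURE = True
    REMEMBER_COOKIE_SECURE = True
    SESSION_COOKIE_HTTPONLY = True
    REMEMBER_COOKIE_HTTPONLY = True
    PERMANENT_SESSION_LIFETIME = timedelta(days=7)

    # Mail settings. Credentials come from the environment only and are None
    # when unset. MAIL_PORT raises ValueError at import time if the variable is
    # not an integer.
    MAIL_SERVER = os.environ.get('MAIL_SERVER', 'smtp.gmail.com')
    MAIL_PORT = int(os.environ.get('MAIL_PORT', '587'))
    MAIL_USE_TLS = os.environ.get('MAIL_USE_TLS', 'true').lower() in ['true', 'on', '1']
    MAIL_USERNAME = os.environ.get('MAIL_USERNAME')
    MAIL_PASSWORD = os.environ.get('MAIL_PASSWORD')

    # Rate limiting.
    # NOTE(review): in-memory storage is presumably per process, so counters
    # would not be shared across workers - confirm against the limiter in use.
    RATELIMIT_DEFAULT = "100/hour"
    RATELIMIT_STORAGE_URL = "memory://"

    # File upload settings. The folder sits next to this file. The code that
    # applies ALLOWED_EXTENSIONS is outside this file; an extension match alone
    # says nothing about a file's actual content.
    MAX_CONTENT_LENGTH = 16 * 1024 * 1024  # 16MB max file size
    UPLOAD_FOLDER = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'uploads')
    ALLOWED_EXTENSIONS = {'txt', 'pdf', 'png', 'jpg', 'jpeg', 'gif'}

    # WebSocket settings
    SOCKET_IO_PING_TIMEOUT = 10
    SOCKET_IO_PING_INTERVAL = 25

    # Lab environment settings
    LAB_CONTAINER_PREFIX = 'ghostsec_lab_'
    LAB_NETWORK_NAME = 'ghostsec_lab_network'
    LAB_MAX_DURATION = timedelta(hours=4)

    # Logging configuration
    LOG_FORMAT = '%(asctime)s - %(name)s - %(levelname)s - %(message)s'
    LOG_LEVEL = 'INFO'

    @staticmethod
    def init_app(app):
        """Create the upload directory if it does not exist yet.

        Args:
            app: The application being initialised; not used here.
        """
        os.makedirs(Config.UPLOAD_FOLDER, exist_ok=True)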
class DevelopmentConfig(Config):
    """Settings for local development.

    Debug mode is on and cookies lose their Secure flag, so this class is not
    suitable for anything reachable by untrusted clients.
    """

    # Verbose diagnostics: debug mode, SQL echo and DEBUG-level logging.
    LOG_LEVEL = 'DEBUG'
    SQLALCHEMY_ECHO = True
    DEBUG = True

    # Cookies may travel over plain HTTP here, presumably so that a local
    # server without TLS can keep a session.
    REMEMBER_COOKIE_SECURE = False
    SESSION_COOKIE_SECURE = False
class TestingConfig(Config):
    """Settings for the automated test suite."""

    TESTING = True

    # In-memory SQLite database, so nothing is written to disk.
    SQLALCHEMY_DATABASE_URI = 'sqlite:///:memory:'

    SERVER_NAME = 'localhost:5000'

    # CSRF protection on forms is switched off for tests; this class must not
    # be selected for a running deployment.
    WTF_CSRF_ENABLED = False
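class ProductionConfig(Config):
    """Production configuration."""

    # NOTE(review): when DATABASE_URL is unset this falls back to a URI that
    # embeds the literal password 'password'. Production deployments should
    # always supply DATABASE_URL and use a real credential.
    SQLALCHEMY_DATABASE_URI = os.environ.get('DATABASE_URL') or \
        'postgresql://ghostsec:password@localhost/ghostsec'
    LOG_LEVEL = 'ERROR'

    @classmethod
    def init_app(cls, app):
        """Run production-specific initialisation.

        Performs the base initialisation and attaches a syslog handler that
        forwards records of level ERROR and above from ``app.logger``.

        Args:
            app: The application whose logger receives the syslog handler.

        Raises:
            RuntimeError: If SECRET_KEY is still the well-known placeholder
                string instead of a deployment-specific secret.
        """
        # Fail closed before any side effect: session cookies signed with a
        # widely known placeholder key cannot be trusted.
        if cls.SECRET_KEY == 'hard-to-guess-string':
            raise RuntimeError(
                'SECRET_KEY must be set to a unique secret value in production'
            )

        Config.init_app(app)

        # Log to syslog. SysLogHandler() with no arguments uses its default
        # address (localhost, UDP port 514).
        import logging
        from logging.handlers import SysLogHandler

        syslog_handler = SysLogHandler()
        syslog_handler.setLevel(logging.ERROR)
        app.logger.addHandler(syslog_handler)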
# Maps an environment name to its configuration class.
# NOTE(review): 'default' resolves to DevelopmentConfig, which enables DEBUG
# and clears the Secure cookie flags; a deployment that does not name its
# environment explicitly would get those development settings.
config = dict(
    development=DevelopmentConfig,
    testing=TestingConfig,
    production=ProductionConfig,
    default=DevelopmentConfig,
)