jahanson/theshire
1
0
Fork 0
Code Issues 1 Pull requests 3 Projects Releases Packages Wiki Activity Actions
theshire/kubernetes/apps/default/kasm/app/resources/default_properties.yml

1304 lines
47 KiB
YAML
Raw Normal View History

kasm-wip -- might have to shelve
2024-08-21 15:59:52 -05:00
alembic_version: 7e0b6092d015
branding_configs: []
cast_configs: []
filter_policies: []
group_images: []
group_settings:
- description: Allow audio streaming for a Kasm.
group_id: null
group_setting_id: "${uuid:group_setting_id:2}"
name: allow_kasm_audio
value: "False"
value_type: bool
- description: Allow microphone passthrough to a Kasm.
group_id: null
group_setting_id: "${uuid:group_setting_id:3}"
name: allow_kasm_microphone
value: "False"
value_type: bool
- description: Allow gamepad passthrough to a Kasm.
group_id: null
group_setting_id: "${uuid:group_setting_id:4}"
name: allow_kasm_gamepad
value: "False"
value_type: bool
- description: Allows users to paste text from the Kasm to their local computer.
group_id: null
group_setting_id: "${uuid:group_setting_id:5}"
name: allow_kasm_clipboard_down
value: "False"
value_type: bool
- description: Allows users to copy and paste text without using Kasm control panel.
group_id: null
group_setting_id: "${uuid:group_setting_id:6}"
name: allow_kasm_clipboard_seamless
value: "False"
value_type: bool
- description: Allow users to paste from their local computer to the Kasm.
group_id: null
group_setting_id: "${uuid:group_setting_id:7}"
name: allow_kasm_clipboard_up
value: "False"
value_type: bool
- description: Allow users to download files from a Kasm.
group_id: null
group_setting_id: "${uuid:group_setting_id:8}"
name: allow_kasm_downloads
value: "False"
value_type: bool
- description: Allow users to upload files to a Kasm.
group_id: null
group_setting_id: "${uuid:group_setting_id:9}"
name: allow_kasm_uploads
value: "False"
value_type: bool
- description: Allow webcam passthrough to a Kasm.
group_id: null
group_setting_id: "${uuid:group_setting_id:55}"
name: allow_kasm_webcam
value: "False"
value_type: bool
- description: Allow the use of persistent profiles if configured on the Kasm Image.
group_id: null
group_setting_id: "${uuid:group_setting_id:10}"
name: allow_persistent_profile
value: "False"
value_type: bool
- description: Allow the user to share access to Kasms with other users.
group_id: null
group_setting_id: "${uuid:group_setting_id:11}"
name: allow_kasm_sharing
value: "False"
value_type: bool
- description: Allow the user to specify the deployment Zone for applicable Images.
group_id: null
group_setting_id: "${uuid:group_setting_id:12}"
name: allow_zone_selection
value: "False"
value_type: bool
- description:
Display detailed errors to the user if the UI experiences an unexpected
error.
group_id: null
group_setting_id: "${uuid:group_setting_id:13}"
name: display_ui_errors
value: "False"
value_type: bool
- description: When enabled, the UI will send log messages to the server.
group_id: null
group_setting_id: "${uuid:group_setting_id:14}"
name: enable_ui_server_logging
value: "True"
value_type: bool
- description:
Expose KASM_USER and KASM_USER_ID environment variables inside the
Kasm.
group_id: null
group_setting_id: "${uuid:group_setting_id:15}"
name: expose_user_environment_vars
value: "False"
value_type: bool
- description:
If configured, the user will be redirected to this URL instead of the
main dashboard.
group_id: null
group_setting_id: "${uuid:group_setting_id:16}"
name: dashboard_redirect
value: ""
value_type: string
- description:
Disconnect the Kasm connection if idle for this long. Time specified
in minutes.
group_id: null
group_setting_id: "${uuid:group_setting_id:17}"
name: idle_disconnect
value: "20"
value_type: float
- description: Automatically inject SSH public and private keys into Kasm sessions.
group_id: null
group_setting_id: "${uuid:group_setting_id:18}"
name: inject_ssh_keys
value: "False"
value_type: bool
- description: Default to audio enabled on Kasm start
group_id: null
group_setting_id: "${uuid:group_setting_id:19}"
name: kasm_audio_default_on
value: "False"
value_type: bool
- description:
The number of seconds a Kasm will stay alive unless a keeplive request
is sent from the client.
group_id: null
group_setting_id: "${uuid:group_setting_id:20}"
name: keepalive_expiration
value: "3600"
value_type: int
- description: The maximum number of simultaneous Kasms a users is allowed to provision.
group_id: null
group_setting_id: "${uuid:group_setting_id:21}"
name: max_kasms_per_user
value: "5"
value_type: int
- description:
Enable webp image compression for compatible browsers. This will increase
server side processing requirements but cut bandwidth by 30 percent.
group_id: null
group_setting_id: "${uuid:group_setting_id:22}"
name: enable_webp
value: "False"
value_type: bool
- description: Specify arbitrary docker run params.
group_id: null
group_setting_id: "${uuid:group_setting_id:23}"
name: run_config
value: "{}"
value_type: json
- description:
Sets the Default image for the /go route. Will automatically provision
this kasm image.
group_id: null
group_setting_id: "${uuid:group_setting_id:24}"
name: default_image
value: ""
value_type: image
- description:
Require two factor authentication for group. Users will be prompted
to set Key on next log on.
group_id: null
group_setting_id: "${uuid:group_setting_id:25}"
name: require_2fa
value: "False"
value_type: bool
- description: If enabled, sessions are limited to the defined value in seconds.
group_id: null
group_setting_id: "${uuid:group_setting_id:26}"
name: session_time_limit
value: "0"
value_type: int
- description:
When enabled, all users that join a shared session will have the ability
to control the session.
group_id: null
group_setting_id: "${uuid:group_setting_id:27}"
name: shared_session_full_control
value: "False"
value_type: bool
- description:
When enabled, Images that have been disabled by the administrator will
be visible to the user.
group_id: null
group_setting_id: "${uuid:group_setting_id:28}"
name: show_disabled_images
value: "False"
value_type: bool
- description: When enabled, a user must be subscribed to a plan to utilize the system.
group_id: null
group_setting_id: "${uuid:group_setting_id:29}"
name: require_subscription
value: "False"
value_type: bool
- description: This message is displayed to the user when an images is currently disabled.
group_id: null
group_setting_id: "${uuid:group_setting_id:30}"
name: disabled_image_message
value: ""
value_type: string
- description: Enable IME mode by default.
group_id: null
group_setting_id: "${uuid:group_setting_id:31}"
name: kasm_ime_mode_default_on
value: "False"
value_type: bool
- description:
"\n \tMap a local server directory to kasm. The format is in\
\ json. \n \tExample: {\"/data/departments/sales\": {\"bind\": \"/headless/documents/sales\"\
, \"mode\": \"rw\"} \n \tThis example mounts a directory on the local server,\
\ /data/department/sales to the container \n \tat the location /shares/sales\
\ with read and write permissions. \n \tIn order for the user in the Kasm\
\ to have write permissions on the mount the permissions \n \ton the server\
\ must allow read, write, execute for ALL users. This is because the \n \
\ \tuser running inside the Kasm is not a valid user on the server.\n \
\ \t"
group_id: null
group_setting_id: "${uuid:group_setting_id:32}"
name: volume_mapping
value: "{}"
value_type: json
- description: Sends users directly to kasm using default image after login
group_id: null
group_setting_id: "${uuid:group_setting_id:33}"
name: auto_login_to_kasm
value: "False"
value_type: bool
- description:
The number of chat history messages to show when a new user connects
to a shared Kasm. Set this value to 0 to disable showing chat history.
group_id: null
group_setting_id: "${uuid:group_setting_id:34}"
name: chat_history_messages
value: "0"
value_type: int
- description:
Locks video quality to static resolution of 720p when sharing is enabled.
Recomended for best performance.
group_id: null
group_setting_id: "${uuid:group_setting_id:35}"
name: lock_sharing_video_mode
value: "True"
value_type: bool
- description:
When connected to a session, the client will send a keepalive request
to the server at this interval (defined in seconds) to extend the expiration of
the session.
group_id: null
group_setting_id: "${uuid:group_setting_id:36}"
name: keepalive_interval
value: "300"
value_type: int
- description:
"Enable usage limits for the group. \n Specify a Type, Interval and\
\ number of Hours to set limit.\n Type is either per_user or per_group. \n Interval\
\ is one of Daily, Weekly, Monthly, or Total.\n Hours is a positive number of\
\ hours for the limit cap."
group_id: null
group_setting_id: "${uuid:group_setting_id:37}"
name: usage_limit
value: "{}"
value_type: usage_limit
- description: Sets the Web Filter Policy to be applied.
group_id: null
group_setting_id: "${uuid:group_setting_id:38}"
name: web_filter_policy
value: ""
value_type: filter_policy
- description: Arbitrary metadata for the group.
group_id: null
group_setting_id: "${uuid:group_setting_id:39}"
name: metadata
value: "{}"
value_type: json
- description:
The number of days a password is valid for, after which the user will
be required to change their password. A value of 0 disables password expiration.
group_id: null
group_setting_id: "${uuid:group_setting_id:40}"
name: password_expires
value: "0"
value_type: int
- description: Display delete Kasm session option on the Kasm session control panel
group_id: null
group_setting_id: "${uuid:group_setting_id:41}"
name: control_panel.show_delete_session
value: "True"
value_type: bool
- description: Display return to workspaces option on the Kasm session control panel
group_id: null
group_setting_id: "${uuid:group_setting_id:42}"
name: control_panel.show_return_to_workspaces
value: "True"
value_type: bool
- description: Display logout option on Kasm session control panel
group_id: null
group_setting_id: "${uuid:group_setting_id:43}"
name: control_panel.show_logout
value: "True"
value_type: bool
- description: Display fullscreen option on Kasm session control panel
group_id: null
group_setting_id: "${uuid:group_setting_id:44}"
name: control_panel.show_fullscreen
value: "True"
value_type: bool
- description: Display logout option on Kasm session control panel
group_id: null
group_setting_id: "${uuid:group_setting_id:45}"
name: control_panel.show_streaming_quality
value: "True"
value_type: bool
- description: Display prefer local cursor option on Kasm session control panel
group_id: null
group_setting_id: "${uuid:group_setting_id:46}"
name: control_panel.advanced_settings.show_prefer_local_cursor
value: "True"
value_type: bool
- description: Display show keyboard controls on Kasm session control panel
group_id: null
group_setting_id: "${uuid:group_setting_id:47}"
name: control_panel.advanced_settings.show_keyboard_controls
value: "True"
value_type: bool
- description: Display IME input mode on Kasm session control panel
group_id: null
group_setting_id: "${uuid:group_setting_id:48}"
name: control_panel.advanced_settings.show_ime_input_mode
value: "True"
value_type: bool
- description: Display game mode on Kasm session control panel
group_id: null
group_setting_id: "${uuid:group_setting_id:49}"
name: control_panel.advanced_settings.show_game_mode
value: "True"
value_type: bool
- description: Display pointer lock on Kasm session control panel
group_id: null
group_setting_id: "${uuid:group_setting_id:50}"
name: control_panel.advanced_settings.show_pointer_lock
value: "True"
value_type: bool
- description: If enabled, users are allowed to stop their running sessions.
group_id: null
group_setting_id: "${uuid:group_setting_id:51}"
name: allow_kasm_stop
value: "False"
value_type: bool
- description: If enabled, users are allowed to pause their running sessions.
group_id: null
group_setting_id: "${uuid:group_setting_id:52}"
name: allow_kasm_pause
value: "False"
value_type: bool
- description: If enabled, users are allowed to delete their running sessions.
group_id: null
group_setting_id: "${uuid:group_setting_id:53}"
name: allow_kasm_delete
value: "True"
value_type: bool
- description: Specify what action to take when the session keepalive expires for container-based sessions. Valid options are delete, stop, and pause. The selection only applies to container-based sessions. The default for other types is delete.
group_id: null
group_setting_id: "${uuid:group_setting_id:54}"
name: keepalive_expiration_action
value: "delete"
value_type: string
- description: Allow storage mappings defined on/by the user.
group_id: null
group_setting_id: "${uuid:group_setting_id:56}"
name: allow_user_storage_mapping
value: "False"
value_type: bool
- description: The maximum number of user-based storage mappings allowed for each user.
group_id: null
group_setting_id: "${uuid:group_setting_id:57}"
name: max_user_storage_mappings
value: "2"
value_type: int
- description: Require that all user-based storage mappings are read-only.
group_id: null
group_setting_id: "${uuid:group_setting_id:58}"
name: read_only_user_storage_mapping
value: "True"
value_type: bool
- description: Use a valid staged session that has a user/group timezone or language preference that does not match.
group_id: null
group_setting_id: "${uuid:group_setting_id:59}"
name: staged_session_language_and_timezone_preference_override
value: "False"
value_type: bool
- description: Allows users to print documents using their local printers.
group_id: null
group_setting_id: "${uuid:group_setting_id:60}"
name: allow_kasm_printing
value: "False"
value_type: bool
- description: Allows WebAuthn two-factor key authentication for group.
group_id: null
group_setting_id: "${uuid:group_setting_id:61}"
name: allow_webauthn_2fa
value: "True"
value_type: bool
- description: Allows TOTP two-factor key authentication for group.
group_id: null
group_setting_id: "${uuid:group_setting_id:62}"
name: allow_totp_2fa
value: "True"
value_type: bool
- description: Allow users to self enroll two factor devices in the profile settings page when enabled.
group_id: null
group_setting_id: "${uuid:group_setting_id:63}"
name: allow_2fa_self_enrollment
value: "False"
value_type: bool
- description: Create a session recording for all sessions created by users in this group.
group_id: null
group_setting_id: "${uuid:group_setting_id:64}"
name: record_sessions
value: "False"
value_type: bool
- description: When enabled, local users will automatically be added to this group when created and upon each authentication.
group_id: null
group_setting_id: "${uuid:group_setting_id:65}"
name: auto_add_local_users
value: "False"
value_type: bool
- description: Allow audio streaming for a Kasm.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1001}"
name: allow_kasm_audio
value: "True"
value_type: bool
- description: Allow microphone passthrough to a Kasm.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1002}"
name: allow_kasm_microphone
value: "True"
value_type: bool
- description: Allow gamepad passthrough to a Kasm.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1003}"
name: allow_kasm_gamepad
value: "False"
value_type: bool
- description: Allows users to paste text from the Kasm to their local computer.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1004}"
name: allow_kasm_clipboard_down
value: "True"
value_type: bool
- description: Allows users to copy and paste text without using Kasm control panel.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1006}"
name: allow_kasm_clipboard_seamless
value: "True"
value_type: bool
- description: Allow users to paste from their local computer to the Kasm.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1007}"
name: allow_kasm_clipboard_up
value: "True"
value_type: bool
- description: Allow users to download files from a Kasm.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1008}"
name: allow_kasm_downloads
value: "True"
value_type: bool
- description: Allow users to upload files to a Kasm.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1009}"
name: allow_kasm_uploads
value: "True"
value_type: bool
- description: Allow webcam passthrough to a Kasm.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1055}"
name: allow_kasm_webcam
value: "False"
value_type: bool
- description: Allows users to print documents using their local printers.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1060}"
name: allow_kasm_printing
value: "True"
value_type: bool
- description: Allow the use of persistent profiles if configured on the Kasm Image.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1010}"
name: allow_persistent_profile
value: "True"
value_type: bool
- description: Allow the user to share access to Kasms with other users.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1011}"
name: allow_kasm_sharing
value: "True"
value_type: bool
- description:
Disconnect the Kasm connection if idle for this long. Time specified
in minutes.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1012}"
name: idle_disconnect
value: "20"
value_type: float
- description: Default to audio enabled on Kasm start
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1013}"
name: kasm_audio_default_on
value: "True"
value_type: bool
- description:
The number of seconds a Kasm will stay alive unless a keeplive request
is sent from the client.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1014}"
name: keepalive_expiration
value: "3600"
value_type: int
- description: The maximum number of simultaneous Kasms a users is allowed to provision.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1015}"
name: max_kasms_per_user
value: "5"
value_type: int
- description: Display delete Kasm session option on the Kasm session control panel
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1016}"
name: control_panel.show_delete_session
value: "True"
value_type: bool
- description: Display return to workspaces option on the Kasm session control panel
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1017}"
name: control_panel.show_return_to_workspaces
value: "True"
value_type: bool
- description: Display logout option on Kasm session control panel
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1018}"
name: control_panel.show_logout
value: "True"
value_type: bool
- description: Display fullscreen option on Kasm session control panel
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1019}"
name: control_panel.show_fullscreen
value: "True"
value_type: bool
- description: Display logout option on Kasm session control panel
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1020}"
name: control_panel.show_streaming_quality
value: "True"
value_type: bool
- description: Display prefer local cursor option on Kasm session control panel
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1021}"
name: control_panel.advanced_settings.show_prefer_local_cursor
value: "True"
value_type: bool
- description: Display show keyboard controls on Kasm session control panel
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1022}"
name: control_panel.advanced_settings.show_keyboard_controls
value: "True"
value_type: bool
- description: Display IME input mode on Kasm session control panel
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1023}"
name: control_panel.advanced_settings.show_ime_input_mode
value: "True"
value_type: bool
- description: Display game mode on Kasm session control panel
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1024}"
name: control_panel.advanced_settings.show_game_mode
value: "True"
value_type: bool
- description: Display pointer lock on Kasm session control panel
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1025}"
name: control_panel.advanced_settings.show_pointer_lock
value: "True"
value_type: bool
- description: If enabled, users are allowed to delete their running sessions.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1026}"
name: allow_kasm_delete
value: "True"
value_type: bool
- description: Specify what action to take when the session keepalive expires for container-based sessions. Valid options are delete, stop, and pause. The selection only applies to container-based sessions. The default for other types is delete.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1027}"
name: keepalive_expiration_action
value: "delete"
value_type: string
- description: Allow storage mappings defined on/by the user.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1028}"
name: allow_user_storage_mapping
value: "True"
value_type: bool
- description: Require that all user-based storage mappings are read-only.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1029}"
name: read_only_user_storage_mapping
value: "False"
value_type: bool
- description: The maximum number of user-based storage mappings allowed for each user.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1030}"
name: max_user_storage_mappings
value: "2"
value_type: int
- description: Allows WebAuthn two-factor key authentication for group.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1031}"
name: allow_webauthn_2fa
value: "True"
value_type: bool
- description: Allows TOTP two-factor key authentication for group.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1032}"
name: allow_totp_2fa
value: "True"
- description: Allow users to self enroll two factor devices in the profile settings page when enabled.
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_setting_id: "${uuid:group_setting_id:1033}"
name: allow_2fa_self_enrollment
value: "True"
value_type: bool
- description:
When enabled, Images that have been disabled by the administator will
be visible to the user.
group_id: "${uuid:group_id:2}"
group_setting_id: "${uuid:group_setting_id:2002}"
name: show_disabled_images
value: "True"
value_type: bool
- description: This message is displayed to the user when an images is currently disabled.
group_id: "${uuid:group_id:2}"
group_setting_id: "${uuid:group_setting_id:2003}"
name: disabled_image_message
value: This image is currently disabled.
value_type: string
- description: If enabled, users are allowed to stop their running sessions
group_id: "${uuid:group_id:2}"
group_setting_id: "${uuid:group_setting_id:2004}"
name: allow_kasm_stop
value: "True"
value_type: bool
- description: If enabled, users are allowed to pause their running sessions
group_id: "${uuid:group_id:2}"
group_setting_id: "${uuid:group_setting_id:2005}"
name: allow_kasm_pause
value: "True"
value_type: bool
- description: Show the display manager, allowing users to add/remove multiple displays
group_id: null
group_setting_id: "${uuid:group_setting_id:2006}"
name: control_panel.show_display_manager
value: "True"
value_type: bool
groups:
- description: null
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
is_system: true
name: All Users
priority: 1000
program_data: null
- description: null
group_id: "${uuid:group_id:2}"
is_system: true
name: Administrators
priority: 1
program_data: null
group_permissions:
- group_id: "${uuid:group_id:2}"
group_permission_id: "${uuid:group_permission_id:0001}"
permission_id: 200
- group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
group_permission_id: "${uuid:group_permission_id:0002}"
permission_id: 100
images: []
oidc_configs: []
registries:
- registry_url: "https://registry.kasmweb.com/"
schema_version: "1.0"
do_auto_update: True
settings:
- category: logging
description:
The logging protocol used, allowed values are internal, https, splunk,
and elasticsearch
name: log_protocol
sanitize: false
services_restart: manager,api
title: Log Protocol
value: internal
value_type: string
- category: logging
description: The port to use for logging communication.
name: log_port
sanitize: false
services_restart: manager,api
title: Log Port
value: "443"
value_type: int
- category: logging
description:
The hostname or IP address of the remote logging server, not applicable
for internal logging.
name: log_host
sanitize: false
services_restart: manager,api
title: Log Host
value: None
value_type: string
- category: logging
description: The Splunk HEC token used for authentication of logs to a Splunk server.
name: hec_token
sanitize: true
services_restart: manager,api
title: Splunk HEC Token
value: None
value_type: password
- category: logging
description:
Set to true if the remote logging server does not have a valid signed
cert by a public certificate authority.
name: https_insecure
sanitize: false
services_restart: manager,api
title: Disable Log Certificate Validation
value: "True"
value_type: bool
- category: logging
description:
HTTP method to use, valid values are post and put. Splunk uses POST
while ElasticSearch API uses PUT
name: http_method
sanitize: false
services_restart: manager,api
title: HTTP Method
value: post
value_type: string
- category: logging
description:
The Splunk endpoint, most likely /service/collector/event. For ElasticSearch
it would be index/_doc/.
name: url_endpoint
sanitize: false
services_restart: manager,api
title: URL Endpoint
value: /services/collector/event
value_type: string
- category: logging
description:
Number of days to retain local Kasm logs. WARNING - See Kasm documentation
before adjusting.
name: log_retention
sanitize: false
services_restart: null
title: Log Retention
value: "7"
value_type: int
- category: logging
description:
Number of hours to retain local Kasm debug logs. WARNING - See Kasm
documentation before adjusting.
name: debug_retention
sanitize: false
services_restart: null
title: Debug Log Retention
value: "4"
value_type: int
- category: logging
description:
When using a remote logging solution like Splunk, minimize local database
logging for better scalability.
name: minimize_local_logging
sanitize: false
services_restart: manager
title: Minimize Local logging
value: "False"
value_type: bool
- category: auth
description:
If configured, anonymous user accounts will be automatically deleted
after this amount of time specified in hours.
name: anonymous_user_expiration
sanitize: false
services_restart: null
title: Anonymous User Expiration (hours)
value: "0"
value_type: float
- category: auth
description: Login notice banner message.
name: notice_message
sanitize: false
services_restart: null
title: Notice Message
value: null
value_type: multiline_string
- category: auth
description: Login notice title.
name: notice_title
sanitize: false
services_restart: null
title: Notice Title
value: Notice
value_type: string
- category: auth
description:
Enables a Login Assitance link on the login page to the entered URL.
Not shown if value is empty.
name: login_assistance
sanitize: false
services_restart: null
title: Login Assistance
value: null
value_type: String
- category: auth
description:
Require client requests to the Kasm for content such as downloads and
uploads to be authenticated with the user's current session token.
name: enable_kasm_auth
sanitize: false
services_restart: null
title: Enable Kasm Authorization
value: "True"
value_type: bool
- category: auth
description: Override the domain used in the Kasm session cookie.
name: kasm_auth_domain
sanitize: false
services_restart: null
title: Kasm Authorization Domain
value: $request_host$
value_type: string
- category: auth
description:
The number of invalid login attempts before an account is locked out.
This setting only applies to local accounts.
name: max_login_attempts
sanitize: false
services_restart: null
title: Max Login Attempts
value: "5"
value_type: int
- category: auth
description:
Configures the SameSite attribute for the Set-Cookie HTTP response
headers. Valid options are Lax, Strict and None.
name: same_site
sanitize: false
services_restart: api
title: Same Site Cookie Policy
value: Lax
value_type: string
- category: auth
description: The number of seconds a session token is valid for.
name: session_lifetime
sanitize: false
services_restart: null
title: Session Lifetime
value: "288000"
value_type: int
- category: auth
description:
This configures the length of time in seconds the user has to respond to a webauthn
authentication or registration prompt before it expires.
name: webauthn_request_lifetime
sanitize: false
services_restart: api,manager
title: WebAuthn request lifetime (seconds)
value: "900"
value_type: int
- category: auth
description: Private Key used to sign request between Kasm components.
name: api_private_key
sanitize: true
services_restart: null
title: API Private Key
value: "${rsa:1:private}"
value_type: multiline_string
- category: auth
description: Public key used by Kasm components to validate internal API calls.
name: api_public_cert
sanitize: false
services_restart: null
title: API Public Cert
value: "${rsa:1:public}"
value_type: multiline_string
- category: auth
description: Token used to self-register new components to the deployment.
name: registration_token
sanitize: false
services_restart: null
title: Component Registration Token
value: "${random_token:registration_token}"
value_type: password
- category: auth
description: Google reCAPTCHA API URL.
name: google_recaptcha_api_url
sanitize: false
services_restart: null
title: Google reCAPTCHA API URL
value: https://www.google.com/recaptcha/api/siteverify
value_type: string
- category: auth
description: Google reCAPTCHA Private Key.
name: google_recaptcha_priv_key
sanitize: true
services_restart: null
title: Google reCAPTCHA Private Key
value: changeme
value_type: password
- category: auth
description: Google reCAPTCHA Site Key.
name: google_recaptcha_site_key
sanitize: false
services_restart: null
title: Google reCAPTCHA Site Key
value: changeme
value_type: string
- category: auth
description: How many minutes should a TOTP token be allowed to drift.
name: token_drift_max
sanitize: false
services_restart: null
title: Token Drift
value: "1"
value_type: int
- category: manager
description: This Setting will stop the manager from checking for Kasm system updates.
name: update_check
sanitize: false
services_restart: null
title: Update Check
value: "True"
value_type: bool
- category: manager
description:
This setting is used to restrict which versions of the Kasm Agent are
allowed to communicate with the Manager.
name: agent_version
sanitize: false
services_restart: null
title: Agent Version
value: "1"
value_type: string
- category: manager
description:
The number of seconds until the primary manager is considered unavailable.
If other managers are alive one will take over the primary role.
name: primary_manager_timeout
sanitize: false
services_restart: manager
title: Primary Manager Timeout
value: "600"
value_type: int
- category: manager
description:
If set to true, a manager will only reply to agent heartbeats with
a list of managers in the same zone as itself. Otherwise a list of all managers
is given. This allows Agents to failover to managers in other zones.
name: same_zone_reply
sanitize: false
services_restart: manager
title: Same Zone Reply
value: "True"
value_type: bool
- category: manager
description:
An authentication token used in the communication between Kasm Agents
and the Manager API server.
name: token
sanitize: false
services_restart: manager
title: Token
value: "${random_token:manager_token}"
value_type: password
- category: manager
description:
The number of seconds until the manager is considered permantly unavaiable,
at which time the manager record will be removed from the database. A value of
0 disables the expiration check.
name: manager_expiration
sanitize: false
services_restart: manager
title: Manager Expiration
value: "0"
value_type: int
- category: scale
description:
The number of seconds between the Manager API inspection of existing
Agent, and Kasm availability.
name: guardian_interval
sanitize: false
services_restart: null
title: Guardian Interval
value: "15"
value_type: int
- category: scale
description:
The number of threads the Manager API server uses for teardown and
provision tasks.
name: guardian_provision_threads
sanitize: false
services_restart: null
title: Guardian Provision Threads
value: "10"
value_type: int
- category: scale
description:
The number of seconds since an Agent's last check-in before marking
it as dead. Dead servers are automatically destroyed if they were dynamically
provisioned.
name: host_dead_expiration
sanitize: false
services_restart: null
title: Host Dead Expiration
value: "3600"
value_type: int
- category: scale
description:
The number of seconds since an Agent's last check-in before marking
it as dead.
name: host_missing_expiration
sanitize: false
services_restart: null
title: Host Missing Expiration
value: "600"
value_type: int
- category: scale
description:
Clients regularly send keepalive requests when logged into a Kasm.
This value is the number of seconds a Kasm will remain active after the last keepalive
is received.
name: keepalive_expiration
sanitize: false
services_restart: null
title: Keep Alive Expiration
value: "3600"
value_type: int
- category: scale
description:
The maximum amount of time to wait for auto-scaled VMs to check-in
and become available. After this time is exceeded, the VM is automatically destroyed.
name: provision_timeout
sanitize: false
services_restart: null
title: Provision Timeout
value: "300"
value_type: int
- category: scale
description: Automatically enable an agent when it calls in.
name: auto_agent
sanitize: false
services_restart: null
title: Automatically Enable Agents
value: "False"
value_type: bool
- category: scale
description:
When contacting Agents in a different zone, forward requests through
the alternate Zone's proxy address.
name: forward_inter_zone_agent_requests
sanitize: false
services_restart: null
title: Forward Inter-Zone Agent Requests
value: "False"
value_type: bool
- category: scale
description:
If the system is interrupted or errors during AutoScaling a server can be partially provisioned and
the system may lose track of the server orphaning it. This consumes resources that the system cannot provision on.
Enabling this setting allows the system to use heuristics to find and destroy orphaned resources.
name: cleanup_orphaned_autoscale_servers
sanitize: false
services_restart: null
title: Cleanup Orphaned AutoScale Servers
value: "True"
value_type: bool
- category: images
description: Automatically add images to default group when new images are added.
name: add_images_to_default_group
sanitize: false
services_restart: null
title: Add Images to Default Group
value: "True"
value_type: bool
- category: images
description:
Sets the default cpu allocation strategy for container images. Valid
options are Quotas or Shares.
name: default_cpu_allocation_method
sanitize: false
services_restart: null
title: Default CPU Allocation Method
value: Shares
value_type: string
- category: theme
description: Url used to specify the background image for the launcher.
name: launcher_background_url
sanitize: false
services_restart: null
title: Launcher Background URL
value: img/backgrounds/background1.jpg
value_type: string
- category: web_filter
description: Url used to updated the Web Filter Categorization database
name: web_filter_update_url
sanitize: false
services_restart: api
title: Web Filter Update URL
value: https://filter.kasmweb.com
value_type: string
- category: licensing
description: The URL to the Kasm Licensing Server.
name: license_server_url
sanitize: false
services_restart: null
title: License Server URL
value: https://license.kasmweb.com
value_type: string
- category: connections
description: Default connection settings for VM RDP sessions.
name: default_vm_rdp_connection_settings
sanitize: false
services_restart: api
title: Default VM RDP Connection Settings
value:
"{\n \"guac\": {\n \"type\": \"rdp\",\n \"settings\": {\n \"\
security\": \"any\",\n \"ignore-cert\": true,\n \"enable-font-smoothing\"\
: true,\n \"enable-wallpaper\": true,\n \"enable-theming\": true,\n\
\ \"enable-full-window-drag\": false,\n \"enable-menu-animations\":\
\ false,\n \"resize-method\": \"display-update\",\n \"server-layout\"\
: \"en-us-qwerty\",\n \"printer-name\": \"Kasm\"\n }\n },\n \"kasm_svc\": {\n \"port\": 4902\n }\n\
}\n"
value_type: json
- category: connections
description: Default connection settings for VM VNC sessions.
name: default_vm_vnc_connection_settings
sanitize: false
services_restart: api
title: Default VM VNC Connection Settings
value:
"{\n \"guac\": {\n \"type\": \"vnc\",\n \"settings\": {\n \"\
autoretry\": 5,\n \"color_depth\": 32\n }\n }\n}\n"
value_type: json
- category: connections
description: Default connection settings for VM SSH sessions.
name: default_vm_ssh_connection_settings
sanitize: false
services_restart: api
title: Default VM SSH Connection Settings
value:
"{\n \"guac\": {\n \"type\": \"ssh\",\n \"settings\": {\n \"\
font-size\": \"11\",\n \"color-scheme\": \"gray-black\",\n \"font-name\"\
: \"monospace\",\n \"scrollback\": \"1000\"\n }\n }\n}"
value_type: json
- category: storage
description: The object storage (S3) access key ID for S3-based persistent profiles
name: object_storage_key
sanitize: false
services_restart: api
title: Object Storage Access Key ID
value: null
value_type: string
- category: storage
description: The object storage (S3) access key secret for S3-based persistent profiles
name: object_storage_secret
sanitize: true
services_restart: api
title: Object Storage Access Key Secret
value: null
value_type: password
- category: session_recording
description: Framerate for session recording, changes how many frames (or screen captures) are taken per second.
name: session_recording_framerate
title: Session Recording Framerate
sanitize: false
services_restart: null
value: 2
value_type: int
- category: session_recording
description: Width for session recording, the number of pixels in width the recording will be (larger numbers give more detail).
name: session_recording_res_width
title: Session Recording Width
sanitize: false
services_restart: null
value: 720
value_type: int
- category: session_recording
description: Height for session recording, the number of pixels in height the recording will be (larger numbers give more detail).
name: session_recording_res_height
title: Session Recording Height
sanitize: false
services_restart: null
value: 480
value_type: int
- category: session_recording
description: Bitrate for session recording (in Mbps), affects the quality of the recording.
name: session_recording_bitrate
title: Session Recording Bitrate
sanitize: false
services_restart: null
value: 8
value_type: int
- category: session_recording
description: Queue length for session recording, how many recording clips are being processed and uploaded at once. Applies to RDP, VNC, and SSH sessions.
name: session_recording_queue_length
title: Session Recording Queue Length
sanitize: false
services_restart: null
value: 2
value_type: int
- category: session_recording
description: Retention period (in hours) for session recording, how long the connection proxy will continue to try and upload session recording clips that fail to upload. Applies to RDP, VNC, and SSH sessions.
name: session_recording_retention_period
title: Session Recording Retention Period
sanitize: false
services_restart: null
value: 24
value_type: int
- category: session_recording
description: Upload location for session recording, this should be an s3 bucket, with a folder path that ends is a filename with the .mp4 extension. A range of variable substitutions are available, check the Kasm documentation for details.
name: session_recording_upload_location
title: Session Recording Upload Location
sanitize: false
services_restart: null
value: null
value_type: string
- category: session_recording
description: Object storage (S3) access key ID. This ID is specific for session recording purposes.
name: recording_object_storage_key
title: Object Storage Access Key ID
sanitize: false
services_restart: null
value: null
value_type: string
- category: session_recording
description: Object Storage Access Key Secret. This secret is specific for session recording purposes.
name: recording_object_storage_secret
title: Object Storage Access Key Secret
sanitize: true
services_restart: null
value: null
value_type: password
- category: session_recording
description: The disk storage limit for RDP, VNC, and SSH sessions in percentage of consumed disk space before session recording will not function.
name: session_recording_guac_disk_limit
title: Disk Usage Limit for Session Recordings
sanitize: false
services_restart: null
value: 0.90
value_type: float
staging_configs: []
users:
- created: "${datetime:utcnow}"
password_set_date: "${datetime:utcnow}"
pw_hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
realm: local
salt: "${uuid:user_salt:1}"
user_id: "${uuid:user_id:1}"
username: admin@kasm.local
- created: "${datetime:utcnow}"
password_set_date: "${datetime:utcnow}"
pw_hash: ef812e6cd523e95742921d31bd61856c62a14d76b03d422bc528f0fe37c8187d
realm: local
salt: "${uuid:user_salt:2}"
user_id: "${uuid:user_id:2}"
username: user@kasm.local
user_groups:
- user_id: "${uuid:user_id:1}"
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
- user_id: "${uuid:user_id:1}"
group_id: "${uuid:group_id:2}"
- user_id: "${uuid:user_id:2}"
group_id: 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
zones:
- allow_origin_domain: $request_host$
load_strategy: least_load
primary_manager_id: null
prioritize_static_agents: true
proxy_connections: true
proxy_hostname: $request_host$
proxy_path: desktop
proxy_port: 443
search_alternate_zones: true
upstream_auth_address: $request_host$
zone_id: "${uuid:zone_id:1}"
zone_name: default
Reference in a new issue Copy permalink