Config
Complete list of configuration options for the Catalyst server:
| Command line argument / Environment Variable | Type | Description |
|---|---|---|
--secret /SECRET | string (required) | A random secret value |
--external-address /EXTERNAL_ADDRESS | string (required) | The external address of the Catalyst server (e.g. https://try.catalyst-soar.com) |
--catalyst-address /CATALYST_ADDRESS | string (default: "http://catalyst:8000") | The internal address of the Catalyst server |
--network /CATALYST_NETWORK | string (default: "catalyst") | The network of the Catalyst server |
--port /PORT | int (default: "8000") | The port of the Catalyst server |
--initial-api-key /INITIAL_API_KEY | string | Setup an initial API key |
--api-key-auth-enable /API_KEY_AUTH_ENABLE | bool (default: "true") | Enable API key authentication |
--oidc-enable /OIDC_ENABLE | bool (default: "true") | Enable OIDC authentication |
--index-path /INDEX_PATH | string (default: "index.bleve") | Path for the bleve index |
--arango-db-host /ARANGO_DB_HOST | string (default: "http://arangodb:8529") | The host of the ArangoDB server |
--arango-db-user /ARANGO_DB_USER | string (default: "root") | The user of the ArangoDB server |
--arango-db-password /ARANGO_DB_PASSWORD | string (required) | The password of the ArangoDB server |
--s3-host /S3_HOST | string (default: "http://minio:9000") | The host of the S3 server |
--s3-user /S3_USER | string (default: "minio") | The user of the S3 server |
--s3-region /S3_REGION | string (default: "us-east-1") | S3 Bucket region |
--s3-password /S3_PASSWORD | string | The password of the S3 server |
OIDC Config
If OIDCAuthEnable is set to true, the following configurations can be used:
| Command line argument / Environment Variable | Type | Description |
|---|---|---|
--oidc-issuer /OIDC_ISSUER | string (required) | The url of the OIDC provider (e.g. http://authelia:8082) |
--oidc-auth-url /OIDC_AUTH_URL | string (required) | The OIDC auth url (e.g. http://localhost:8082/api/oidc/authorization) |
--oidc-client-id /OIDC_CLIENT_ID | string (default: "catalyst") | The client ID for OIDC (e.g. catalyst) |
--oidc-client-secret /OIDC_CLIENT_SECRET | string (required) | The client secret for OIDC |
--oidc-scopes /OIDC_SCOPES | []string | Additional scopes to request, ['oidc', 'profile', 'email'] are always added. |
--oidc-claim-username /OIDC_CLAIM_USERNAME | string (default: "preferred_username") | Username field in the OIDC claim |
--oidc-claim-email /OIDC_CLAIM_EMAIL | string (default: "email") | Email field in the OIDC claim |
--oidc-claim-name /OIDC_CLAIM_NAME | string (default: "name") | Name field in the OIDC claim |
--auth-block-new /AUTH_BLOCK_NEW | bool (default: "true") | Block newly created users |
--auth-default-roles /AUTH_DEFAULT_ROLES | []string (default: analyst) | Default roles for new users (analyst, engineer) |
--auth-admin-users /AUTH_ADMIN_USERS | []string | Usernames to grant admin rights |