###
## Documentation is available at https://github.com/TheHive-Project/TheHiveDocs/TheHive4
###

## Include Play secret key
# More information on secret key at https://www.playframework.com/documentation/2.8.x/ApplicationSecret
include "/etc/thehive/secret.conf"

## Database configuration
db.janusgraph {
  storage {
    ## Cassandra configuration
    # More information at https://docs.janusgraph.org/basics/configuration-reference/#storagecql
    backend: cql
    hostname: ["127.0.0.1"]
    # Cassandra authentication (if configured)
    // username: "thehive"
    // password: "password"
    cql {
      cluster-name: thp
      keyspace: thehive
      read-consistency-level: ONE
      write-consistency-level: ONE
    }
  }
  index.search {
    // backend: lucene
    // directory: /opt/thp/thehive/index
    # If TheHive is in cluster ElasticSearch must be used:
    backend: elasticsearch
    hostname: ["127.0.0.1"]
    index-name: thehive
  }

  ## For test only !
  # Comment the two lines below before enable Cassandra database
  // storage.backend: berkeleyje
  // storage.directory: /opt/thp/thehive/database
  // berkeleyje.freeDisk: 200 # disk usage threshold
}

## Attachment storage configuration
storage {
  ## Local filesystem
  provider: localfs
  localfs.location: /opt/thp/thehive/files

  ## Hadoop filesystem (HDFS)
  // provider: hdfs
  // hdfs {
  //   root: "hdfs://localhost:10000" # namenode server hostname
  //   location: "/thehive"           # location inside HDFS
  //   username: thehive              # file owner
  // }
}

## Authentication configuration
# More information at https://github.com/TheHive-Project/TheHiveDocs/TheHive4/Administration/Authentication.md
auth {
  providers: [
    {
      name: session
      timeout: 600 minutes
      warning: 10 minutes
    }
    {name: session}               # required !
    {name: basic, realm: thehive}
    {name: local}
    {name: key}
    {
      name: ldap
      hosts: ["xxxx.xxxxx.xxxxxx"]
      bindDN: "CN=xxxxx,OU=xxxxxxx,DC=xxxxx,DC=xxxxx,DC=xxxxx"
      bindPW: "xxxxxxxxx"
      baseDN: "ou=xxxxx,dc=xxxxx,dc=xxxxxx,dc=xxxxxx"
      filter:  "(cn={0})"
      useSSL: true
    }
  ]
# The format of logins must be valid email address format. If the provided login doesn't contain `@` the following
# domain is automatically appended
  defaultUserDomain: "xxxxx"
  #defaultUserDomain: "thehive.local"
}

## CORTEX configuration
# More information at https://github.com/TheHive-Project/TheHiveDocs/TheHive4/Administration/Connectors.md
# Enable Cortex connector
// play.modules.enabled += org.thp.thehive.connector.cortex.CortexModule
// cortex {
//  servers: [
//    {
//      name: "local"                # Cortex name
//      url: "http://localhost:9001" # URL of Cortex instance
//      auth {
//        type: "bearer"
//        key: "***"                 # Cortex API key
//      }
//      wsConfig {}                  # HTTP client configuration (SSL and proxy)
//    }
//  ]
// }

## MISP configuration
# More information at https://github.com/TheHive-Project/TheHiveDocs/TheHive4/Administration/Connectors.md
# Enable MISP connector
// play.modules.enabled += org.thp.thehive.connector.misp.MispModule
// misp {
//  interval: 1 hour
//  servers: [
//    {
//      name = "local"            # MISP name
//      url = "http://localhost/" # URL or MISP
//      auth {
//        type = key
//        key = "***"             # MISP API key
//      }
//      wsConfig {}               # HTTP client configuration (SSL and proxy)
//    }
//  ]
//}

# Define maximum size of attachments (default 10MB)
play.http.parser.maxDiskBuffer: 1GB