Skip to content

Configuration

PurpleOps is super flexible, what would you like to configure?

Note

Most options are in .env and flask.cfg. Custom knowledge bases / reports / testcase templates are done by dropping them in custom/.

Instance Name

Change the NAME var in .env. This affects the title shown in MFA apps.

Database Connection

Change the MONGO_DB, MONGO_HOST and MONGO_PORT vars in .env. Unless you have a custom database, leave these as default.

Webserver Host / Port Bindings

Change the HOST and PORT vars in .env. If you're going to open the server to the internet, you'll probably want to change these.

MFA
  • For enabling / disabling: Change the FLASK_MFA var in .env. MFA is either on or off globally, no per-user config is available.
  • For changing MFA validity: Change the SECURITY_TWO_FACTOR_LOGIN_VALIDITY var in flask.cfg.
Debugging

Change the FLASK_DEBUG var in .env. Don't enable this in prod :)

Mimimum Password Length

Change the SECURITY_PASSWORD_LENGTH_MIN var in flask.cfg.

Users

See: User Management.

Custom Testcase Templates

Using the schema from Export Testcase Templates, alter the custom/testcases.json file and rerun seeder.py. See: Templating.

Custom Knowledge Base Items

Using the schema from the sample custom/knowledgebase/T1003.yaml file, any file in custom/knowledgebase/*.yaml will overwrite the default Mitre writeup. Requires rerunning seeder.py. See Custom Knowledge Base.

Custom Reports

Drop your new Jinja .docx file in custom/reports/. See: Reporting.