Advanced settings file

You can change Fleio options and behavior from the settings.py file as described below.

Note that, besides the backend settings described in this document, frontend settings are also available to personalize your installation.

How to apply Fleio backend settings.py changes

Full file path is:

/var/webapps/fleio/project/fleio/settings.py

Important

After editing the settings.py file, you must restart the fleio service: systemctl restart fleio and tell uwsgi to reload the file: systemctl reload uwsgi, in order for the changes to take effect.

Django and DRF settings

The Fleio backend is built on Django web framework and Django REST framework. You can overwrite Django and DRF settings in the settings.py file, as well. Read about their available settings in the Django documentation and in the DRF documentation.

Fleio specific settings

Some advanced Fleio settings can only be changed by editing the settings.py file:

How to enable/disable features

Fleio is a modular application which allows you to enable or disable features for end-users and staff respectively.

The FEATURES dictionary allows you to enable or disable end-user features. The dictionary key identifies the feature and the dictionary value may have one of the following values:

  • True - feature is enabled
  • False - feature is disabled

The full features list is already present in base_settings.py, which contains default Fleio settings.

Important

Do not edit the base_settings.py file. It will be overwritten when Fleio is updated. Edit settings.py instead. settings.py contains your local installation information and is never overwritten by Fleio.

Features toggles have a tree-like structure and disabling a top feature would disable all it children. For instance, setting ‘openstack’: False, would all features beneath, like ‘openstack.instances’, ‘openstack.volumes’, ‘openstack.images’ etc.

Here’s how features are defined by default in base_settings.py.

FEATURES = {
    'demo': False,
    'enduser': True,
    'enduser.allow_changing_password': True,
    'billing': True,
    'billing.addcredit': True,
    'billing.history': True,
    'billing.invoices': True,
    'billing.order': True,
    'billing.pdf': True,
    'billing.services': True,
    'clients&users.clients': True,
    'clients&users.signup': True,
    'clients&users.users': True,
    'clients&users.userprofile': True,
    'clients&users.second_factor_auth': True,
    'clients&users.second_factor_auth.google_authenticator': True,
    'clients&users.second_factor_auth.sms_authenticator': True,
    'dashboard': True,
    'notifications': True,
    'openstack': True,
    'openstack.apiusers': True,
    'openstack.cleanup': False,
    'openstack.cleanup.images': False,
    'openstack.cleanup.images.showdate': False,
    'openstack.coe.clusters': True,
    'openstack.coe.cluster_templates': True,
    'openstack.dns.ptr': True,
    'openstack.dns.zones': True,
    'openstack.flavors': True,
    'openstack.floatingips': True,
    'openstack.images': True,
    'openstack.images.updatecreate': False,
    'openstack.images.showcommunity': False,
    'openstack.images.showshared': True,
    'openstack.instances': True,
    'openstack.instances.allow_changing_password': True,
    'openstack.instances.snapshots': True,
    'openstack.instances.traffic': True,
    'openstack.networks': True,
    'openstack.networks.display_external_networks': True,
    'openstack.networks.display_shared_networks': True,
    'openstack.projects': True,
    'openstack.routers': True,
    'openstack.securitygroups': True,
    'openstack.sshkeys': True,
    'openstack.subnetpools': True,
    'openstack.volumes': True,
    'openstack.volumes.boot': True,
    'openstack.volumes.backup': True,
    'openstack.osbackup': True,
    'openstack.osbackup.schedules': False,
    'plugins': True,
    'plugins.todo': True,
    'plugins.tickets': True,
    'plugins.cpanel': True,
    'plugins.cpanelserver': True,
    'plugins.domains': True,
    'plugins.hypanel': False,
}

Analogous there’s a STAFF_FEATURES dictionary which allows you to manipulate features for the staff panel.

STAFF_FEATURES = {
    'demo': False,
    'staff': True,
    'billing': True,
    'billing.gateways': True,
    'billing.journal': True,
    'billing.invoices': True,
    'billing.orders': True,
    'billing.products': True,
    'billing.pdf': True,
    'billing.services': True,
    'billing.taxrules': True,
    'billing.transactions': True,
    'billing.reporting': False,
    'clients&users.clients': True,
    'clients&users.clientgroups': True,
    'clients&users.userprofile': True,
    'clients&users.users': True,
    'clients&users.usergroups': True,
    'dashboard': True,
    'app-status': True,
    'notifications': True,
    'openstack': True,
    'openstack.apiusers': True,
    'openstack.cleanup': False,
    'openstack.cleanup.images': False,
    'openstack.cleanup.images.showdate': False,
    'openstack.coe.clusters': True,
    'openstack.coe.cluster_templates': True,
    'openstack.dns.ptr': True,
    'openstack.dns.zones': True,
    'openstack.flavors': True,
    'openstack.floatingips': True,
    'openstack.images': True,
    'openstack.images.download': False,
    'openstack.images.shareoncreate': True,
    'openstack.images.showcommunity': False,
    'openstack.images.showshared': False,
    'openstack.instances': True,
    'openstack.instances.allow_changing_password': True,
    'openstack.instances.snapshots': True,
    'openstack.instances.traffic': True,
    'openstack.networks': True,
    'openstack.ports': True,
    'openstack.projects': True,
    'openstack.routers': True,
    'openstack.securitygroups': True,
    'openstack.sshkeys': True,
    'openstack.subnetpools': True,
    'openstack.subnets': True,
    'openstack.volumes': True,
    'openstack.volumes.backups': False,
    'openstack.osbackup': True,
    'openstack.osbackup.schedules': False,
    'openstack.settings': True,
    'openstack.plans': True,
    'plugins': True,
    'plugins.cpanel': True,
    'plugins.cpanelserver': True,
    'plugins.domains': True,
    'plugins.todo': True,
    'plugins.tickets': True,
    'plugins.hypanel': False,
    'settings': True,
    'settings.general': True,
    'settings.configurations': True,
    'settings.authorization': True,
    'settings.notifications.templates': True,
    'utils': True,
    'utils.activitylog': True,
    'utils.tasklog': True,
    'utils.reports': False,
    'servers': True,
}

And here’s how to enable or disable a feature. Let’s say we want to disable new users sign-up. Add the following line at the end of settings.py:

FEATURES['clients&users.signup'] = False

And let’s say that we want to enable floating IPs for staff. In order to enable a feature you have to make sure the top level feature is also enabled. To enable floating IPs just add the following lines at the end of settings.py:

STAFF_FEATURES['openstack'] = True
STAFF_FEATURES['openstack.floatingips'] = True

End-user features explained

  • demo - enables demo mode - this will autofill demo/demo username and password on end-user login page, demoadmin/demoadmin are autofilled on staff login page, many features are disabled that would otherwise allow anonymous visitors to break the Fleio installation. Demo mode is enabled on https://demo.fleio.com installation.
  • enduser - feature is available only in end user mode, used to differentiate between enduser and staff
  • enduser.allow_changing_password - when set to False end-users are not allowed to change their password, through Forgot password link or Edit user profile
  • billing.addcredit - enables the Add credit button on dashboard
  • billing.history - enabled billing history page
  • billing.invoices - enables invoice functionality, this may be needed for Add credit
  • billing.order - enables order functionality allowing end user to order services
  • billing.pdf - enabled pdf generation for invoices
  • billing.services - enables services view for end user, the user will be able to view and edit services
  • clients&users.clients - enables client feature for end users allowing add or edit of clients
  • clients&users.second_factor_auth - enable second factor authentication(SFA) for end users
  • clients&users.second_factor_auth.google_authenticator - enables google authenticator SFA method
  • clients&users.second_factor_auth.sms_authenticator - enables sms authenticator SFA method
  • clients&users.signup - enables signup for end users. If this is disabled, users can only be added by staff users or via the Fleio API
  • clients&users.userprofile - enables used profile editing for end users
  • dashboard- when disabled the dashboard page will be empty
  • notifications - enables notifications for end user
  • openstack - enables child OpenStack features. When this is False, all OpenStack functionality is disabled.
  • openstack.apiusers - enables OpenStack API user management
  • openstack.cleanup - enables OpenStack objects cleanup
  • openstack.cleanup.images - when enabled user uploaded images are automatically deleted in X days
  • openstack.cleanup.images.showdate - show the date when the user uploaded image will be automatically deleted
  • openstack.coe.clusters - enables openstack Magnum cluster management
  • openstack.coe.cluster_templates - enables openstack Magnum cluster template management
  • openstack.dns.ptr - enables dns ptr record editing for instances
  • openstack.dns.zones - enables dns zones editing
  • openstack.floatingips - enables floating IPs management for end users
  • openstack.images - enables My images feature for end users where users can see snapshots and upload images
  • openstack.images.createupdate - enable create and update of images in My images page
  • openstack.images.showcommunity - show community images, on separate tab, in create instance form
  • openstack.images.showshared - show shared images in create instance form
  • openstack.instances - enables management of instances for end users
  • openstack.instances.allow_changing_password - enables and shows the instance menu option Change password
  • openstack.instances.snapshots - allows instance snapshots. This feature may require openstack.images to be enabled
  • openstack.instances.traffic - enables instance traffic monitoring and billing functionality
  • openstack.networks - enable networks management for end users
  • openstack.networks.display_external_networks - displays external networks created by other users
  • openstack.networks.display_shared_networks - displays shared networks created by other users
  • openstack.routers - allow end-users to create and manage network routers
  • openstack.securitygroups - enables security groups management for end users
  • openstack.sshkeys - enables SSH key management for end users
  • openstack.subnetpools - enables management of subnet pools for end users
  • openstack.volumes - enables management of volumes for end users
  • openstack.volumes.backups - enables volume backup management
  • openstack.volumes.boot - show the boot from volume feature on instance create form
  • openstack.osbackup - enables backup functionality for end users
  • openstack.osbackup.schedules - allow end-users to edit backup schedule
  • plugins - when False all below plugins will be disabled
  • plugins.todo - enables the TODO plugin
  • plugins.tickets - enables support tickets functionality
  • plugins.cpanel - enables cPanel functionality
  • plugins.cpanelserver - enables cPanel server functionality
  • plugins.domains - enables domain name registration and management

Staff user features explained

  • demo - enables demo mode - this will autofill demo/demo username and password on end-user login page, demoadmin/demoadmin are autofilled on staff login page, many features are disabled that would otherwise allow anonymous visitors to break the Fleio installation. Demo mode is enabled on https://demo.fleio.com installation.
  • staff - feature is available only in staff mode, used to differentiate between end user and staff
  • billing - when True, enables billing features; when False disables all features that start with billing. ...
  • billing.gateways - enables gateways functionality for staff
  • billing.journal - enables journal viewer for staff
  • billing.invoices - enables invoice management for staff
  • billing.order - enables order management for staff
  • billing.products - enables products management for staff
  • billing.pdf - enabled pdf generation for invoices
  • billing.services - enables services services management for staff
  • billing.taxrules - enables tax rules management for staff
  • billing.transactions - enables transactions functionality
  • clients&users.clients - enables clients management for staff
  • clients&users.users - enables users management for staff
  • clients&users.clientgroups - enables client groups management for staff
  • clients&users.usergroups - enables user group management for staff
  • dashboard- when disabled the dashboard page will be empty
  • app-status - shows App services on staff dashboard
  • openstack.apiusers - enables OpenStack API user management
  • openstack.cleanup - enables OpenStack objects cleanup
  • openstack.cleanup.images - enables automatic deletion of user uploaded images after X days
  • openstack.cleanup.images.showdate - show the date when the user uploaded images will be automatically deleted
  • openstack.coe.clusters - enables openstack Magnum cluster management
  • openstack.coe.cluster_templates - enables openstack Magnum cluster template management
  • openstack.dns.ptr - enables DNS PTR record editing for instances
  • openstack.dns.zones - enables DNS zone editing
  • openstack.flavors - enables flavors management
  • openstack.floatingips - enables floating IPs management for staff
  • openstack.images - enables Image management for staff where staff users can see snapshots and upload images
  • openstack.images.shareoncreate - enable instance creation based on an image from another project. The image will be shared between projects.
  • openstack.images.showcommunity - show community images, on separate tab, in create instance form
  • openstack.images.showshared - show shared images in create instance form
  • openstack.instances - enables management of instances for staff
  • openstack.instances.allow_changing_password - enables and shows the instance menu option Change password
  • openstack.instances.snapshots - allows instance snapshots. This feature may require openstack.images to be enabled
  • openstack.instances.traffic - enables instance traffic monitoring and billing functionality
  • openstack.networks - enable networks management for staff
  • openstack.ports - enables ports management for staff
  • openstack.projects - enables project management for staff
  • openstack.routers - enables routers management for staff
  • openstack.securitygroups - enables security groups management for staff
  • openstack.sshkeys - enables ssh key management for staff
  • openstack.subnetpools - enables management of subnet pools for staff
  • openstack.subnets - enables subnet management for staff
  • openstack.volumes - enables management of volumes for staff
  • openstack.volumes.backups - enables volume backup management
  • openstack.osbackup - enables backup of instances
  • openstack.osbackup.schedules - allow staff users to edit backup schedule
  • openstack.settings - enables OpenStack settings on staff panel
  • openstack.plans - enables management of OpenStack pricing plans
  • plugins - when False all below plugins will be disabled
  • plugins.todo - enables the TODO plugin
  • plugins.tickets - enables support tickets functionality
  • plugins.cpanel - enables cPanel functionality
  • plugins.cpanelserver - enables cPanel server functionality
  • plugins.domains - enables domain name registration and management
  • settings - disables all settings
  • settings.general - enables general settings on staff panel
  • settings.configurations - enables management of configurations
  • settings.authorization - enables authorization frontend for staff
  • settings.notification.templates - enables notification templates frontend for staff
  • utils - when False disables Utils menu group and functionality
  • utils.activitylog - enables activity log viewer on staff page
  • utils.tasklog - enables task log viewer on staff page
  • utils.reports - enables reports
  • servers - enables servers feature
  • servers - enables shared hosting servers management

Configure custom add credit URL

You can use an external link, if you are using another system (like WHMCS) to handle invoicing and credit card payments rather than fleio. You can customize the add credit URL which will reflect in several places including the one in end-user dashboard. This will also be used when sending email notifications regarding client having low credit and being out of credit or on the end-user cloud resources create form when the client has a credit amount lower than the one required to create new resources (configurable from the fleio configurations)

Edit settings.py and add:

# Leave empty to use the default add credit URL of Fleio
# fill in 'client_group_name': 'http://url...' pairs when using an external billing
# when the dictionary has a single entry it will be used regardless of the 'client_group_name'
ADD_CREDIT_URLS = {}

SSO_MAX_AGE

External billing systems, like WHMCS, generate single sign-on URL’s. For security reasons, SSO URL’s contain a timestamp from the moment they were generated.

SSO_MAX_AGE specifies after how many seconds, from the generation time, the single sign-on URL expires.

If single sign-on ULR is expired, it won’t work anymore.

PROXY_SETTINGS

If you are behind a proxy server, you must set this variable, to access the licensing server for setting the license.

Set it to: PROXY_SETTINGS = {‘https’: ‘<ip>:<port>’, }. For example:

PROXY_SETTINGS = {'https': '10.10.1.11:1080', }

Default OpenStack object names

Fleio creates a new security group for each client (OpenStack project) the first time an instance is created. And this new security group will be automatically added to all instances the end-user creates.

By default this security group is called fleio and has description fleio. You can change the default name and description by adding these lines in your settings.py file:

# Name of the security group that is automatically created when the end-user creates the first instance
SECURITY_GROUP_NAME = 'fleio'
# Description of the same automatically created security group
SECURITY_GROUP_DESCRIPTION = 'fleio'