frontend.ini

The frontend.ini config file, located at /etc/squirro/frontend.ini configures the workings of the Squirro frontend user interface

HTTP Session Configuration

See Reducing Session Lifetime.

Session Secret Key

To ensure the session cookies are hashed uniquely, you should add a custom secret key to the configuration file.

This must be set to the same value on all servers of a cluster.

Changing this value also has the side-effect that all existing user sessions expire immediately.

Tip

Adding a custom key is recommended when changing other session configuration parameters or when updating the Single Sign-On configuration.

How to Add a Custom Secret Key

To add a custom key, edit /etc/squirro/frontend.ini and add the following configuration:

[flask_app]
secret_key = ce380f53ca31a529b480dcb217c45889cafeb43d89ef1879320b3128c8e9143a

A new value can be generated in any cryptographically secure way. One approach is to use the following commands:

$ squirro_activate
$ python -c 'import secrets; print(secrets.token_hex())'

From the Flask documentation:

Note

If a secret key is set, cryptographic components can use this to sign cookies and other things. Set this to a complex random value when you want to use the secure cookie for instance. This attribute can also be configured from the config with the SECRET_KEY configuration key. Defaults to None.

Applying Changes

After editing this configuration file, the service sqfrontendd has to be restarted (see Services).