Configuration¶
This guide covers LabID configuration options for production deployments.
Prerequisites
Before configuring, ensure you have completed the Installation and Web Server setup.
Environment Variables¶
All LabID settings can be configured using environment variables prefixed with DJANGO_.
You must set those in your system environment or in the /opt/labid/labid/.env file (automatically created by the setup.sh script).
The values below are placeholders, that you should replace with your own values.
The same email recipient can be used at multiple places (e.g admin and archive).
See settings for examples of .env files.
Core Django Settings¶
# Application settings
DJANGO_SETTINGS_MODULE=labid.settings.production
DJANGO_SECRET_KEY=your_very_long_secret_key_here
DJANGO_DEBUG=False
DJANGO_ALLOWED_HOST=your-labid.com
# Database
DJANGO_DATABASE_URL=postgres://labid:password@localhost:5432/labid_prod
# URLs
DJANGO_BASE_URL=https://your-labid.com
DJANGO_UI_BASE_URL=https://your-labid.com
Organization¶
DJANGO_ORGANIZATION="name of your organization"
DJANGO_ORGANIZATION_ROR=https://ror.org/123456 # optional, see ror.org to find your org ror
Email Configuration¶
These settings are used to send email notifications, e.g to users upon successfull registration of their data, or to the administrator when something requires attention.
# SMTP settings
DJANGO_EMAIL_HOST=smtp.example.com
DJANGO_EMAIL_PORT=587
DJANGO_EMAIL_USE_TLS=True
DJANGO_EMAIL_HOST_USER=your-email@example.com
DJANGO_EMAIL_HOST_PASSWORD=your-email-password
# Sender of email notifications
DJANGO_EMAIL_SENDER=labid@your-labid.com
# Recipient for server errors
DJANGO_EMAIL_ADMIN=admin@your-labid.com
# Recipient of notifications when running in DEBUG mode
DJANGO_EMAIL_DEV_TO=admin@your-labid.com
# Recipient of the "order" form
DJANGO_EMAIL_STORES=stores@your-labid.com
# Recipient of notifications related to file archiving
DJANGO_ARCHIVE_SERVICE_EMAIL=archive@your-labid.com
Message Broker¶
Storage Configuration¶
# Storage settings
DJANGO_ARCHIVE_PREPARE_DIRECTORY=/opt/labid/labid/storage/archiver
DJANGO_ALLOW_FILE_REMOVAL=True
DJANGO_DATA_INGEST_MOVE_PREFERRED=False
# When archiving data, when to start the task
# Should be "now" for immediate archiving or "midnight" (without the quotes)
DJANGO_ARCHIVE_RUN_TASK_AT=midnight
Security Settings¶
# Security configuration
DJANGO_SECURE_PROXY_SSL_HEADER=HTTP_X_FORWARDED_PROTO,https
DJANGO_AUTHENTICATION_BACKENDS=core.auth.backends.AuthModelBackend,django.contrib.auth.backends.ModelBackend,guardian.backends.ObjectPermissionBackend
Optional Integrations¶
LibreOffice Online¶
# Document editing
DJANGO_LOOL_INSTANCE=http://localhost:9980
DJANGO_LOOL_WOPI_ADDRESS=https://your-labid.com
Timestamping Service¶
# Access to a timestamping service like https://www.freetsa.org/
# or for German institutes the DFN-PKI Zeitstempeldienst
# https://www.pki.dfn.de/zeitstempeldienst/
DJANGO_TIMESTAMPING_URL=https://www.freetsa.org/tsr
Post-Installation Configuration¶
1. Admin Interface Setup¶
- Access the admin interface at
https://your-labid.com/admin - Log in with your superuser account created during installation
-
Configure the following:
- Create user groups
- Create storage volumes for each group; check reference
- Configure group-specific storage access
2. LDAP Authentication (Optional)¶
For centralized authentication, configure LDAP integration:
# LDAP settings in .env
DJANGO_AUTH_LDAP_SERVER_URI=ldap://your-ldap-server.com
DJANGO_AUTH_LDAP_BIND_DN=cn=admin,dc=example,dc=com
DJANGO_AUTH_LDAP_BIND_PASSWORD=your-ldap-password
DJANGO_AUTH_LDAP_USER_SEARCH=ou=users,dc=example,dc=com
Advanced Configuration¶
Custom Settings Module¶
Recommended Approach
Using .env files is the recommended way to modify or override any existing LabID settings. The .env approach is simpler, more maintainable, and follows Django best practices.
For most configuration needs, use environment variables in your /opt/labid/labid/.env file:
# Recommended approach - override settings via .env
DJANGO_SETTING_NAME=value
DJANGO_ANOTHER_SETTING=another_value
For complex configurations that cannot be handled via environment variables, you can create a custom settings file:
-
Create
/opt/labid/labid/labid/settings/custom.py: -
Update environment variable:
Remember: Most settings can be overridden using the DJANGO_ prefix in your .env file, which is the preferred method.
Database Optimization¶
For production workloads, optimize PostgreSQL settings in /etc/postgresql/*/production/postgresql.conf:
# Memory settings
shared_buffers = 256MB
work_mem = 25MB
maintenance_work_mem = 64MB
# Connection settings
max_connections = 200
# Logging
log_statement = 'all'
log_duration = on
Restart PostgreSQL after changes:
Performance Tuning¶
Connection Pooling with pgbouncer¶
Install and configure pgbouncer for database connection pooling:
sudo apt install pgbouncer
# Configure in /etc/pgbouncer/pgbouncer.ini
# Update database URL to use pgbouncer
DJANGO_DATABASE_URL=postgres://labid:password@localhost:6432/labid_prod
Celery Worker Optimization¶
Adjust Celery worker settings in systemd service files:
# /etc/systemd/system/labid-celery-worker.service
Environment=CELERYD_OPTS="--time-limit=300 --concurrency=4"
Security Configuration¶
SSL/TLS Settings¶
Ensure secure communications:
# Force HTTPS redirects
DJANGO_SECURE_SSL_REDIRECT=True
DJANGO_SESSION_COOKIE_SECURE=True
DJANGO_CSRF_COOKIE_SECURE=True
Access Control¶
Configure IP-based access restrictions in Nginx:
Configuration Validation¶
After configuration changes:
-
Test configuration syntax:
-
Validate database connection:
-
Test email configuration:
-
Restart services:
Configuration Reference¶
All LabID settings are available in labid.settings.base.
For development setup examples, see the server README.
Next Steps¶
- Set up Maintenance procedures
- Review Troubleshooting guide