Configuration File

The Signotaur configuration file Signotaur.Server.config.json is located in the %ProgramData%\VSoft\Signotaur\Server folder. It stores the core Signotaur settings, including authentication, database connections, email settings, site configurations, logging, and encryption. As such, it should be keep secured and backed up at all times.

❗Always make a backup before editing.

Only edit the settings if you know what you are doing or have been asked to do so by technical support.

❗Changes to this file require a service restart.

This file uses JSON format, so ensure each entry has proper quotation marks and commas.

❗Improper syntax will prevent Signotaur from starting.

Note: Some settings can be edited via the Admin section of the Signotaur web interface. We recommend using the Admin section for those settings instead of direct edits.

Below is a description of each section and setting to help administrators understand and customize the configuration.

Authentication

Google

Note: These settings can and should be edited in the Admin section of the Signotaur website.

  • Enabled: Enables or disables Google authentication. Set to true to allow users to log in using Google credentials.
  • ClientId: Google OAuth Client ID for authentication.
  • ClientSecret: Google OAuth Client Secret for authentication.

GitHub

Note: These settings can and should be edited in the Admin section of the Signotaur website.

  • Enabled: Enables or disables GitHub authentication. Set to true to allow users to log in using GitHub credentials.
  • ClientId: GitHub OAuth Client ID for authentication.
  • ClientSecret: GitHub OAuth Client Secret for authentication.

PasswordPolicy

Defines the password requirements if Signotaur uses a traditional username-password login.

  • RequiredLength: Minimum number of characters required for a valid password.
  • RequireNonAlphanumeric: Requires at least one special character (e.g., !@#$%) in the password if set to true.
  • RequireLowercase: Requires at least one lowercase letter if set to true.
  • RequireUppercase: Requires at least one uppercase letter if set to true.
  • RequireDigit: Requires at least one digit if set to true.

ExpirationPolicy

Defines the expiration periods for various tokens, links and cookies used by Signotaur server.

  • PasswordResetLinkExpiryInMinutes: The time period in minutes before the password reset links sent to users expires. Default is 30 minutes.
  • EmailVerificationLinkExpiryInMinutes: The time period in minutes before the email verification links sent to users expires. Default is 720 minutes or 12 hours.
  • TemporaryPasswordExpiryInMinutes: The time period in minutes before a temporary password expires. Default is 60 minutes or 1 hour.
  • RememberMeExpiryInMinutes: The time period in minutes before the "remember me" authentication cookie expires. Default is 20,160 minutes or 14 regular days.
  • TwoFactorRememberMeExpiryInMinutes: The time period in minutes before the 2FA "remember code" cookie expires. Default is 43,200 minutes or 30 regular days.

Database

  • ConnectionString: Path to the SQLite database file used by Signotaur. Change the path if the database is stored in a different location.
  • AutoMigrate: When true, Signotaur automatically applies database migrations on startup, ensuring the database schema is up-to-date. Note: Changing this setting is not recommended.

Email

Settings for the outgoing mail server used to send verification and password reset emails.

Note: These settings can and should be edited in the Admin section of the Signotaur website.

  • MailServer: The SMTP server address used for sending emails.
  • MailPort: Port for the SMTP server (commonly 587 for TLS).
  • SenderName: Display name for the sender of outgoing emails.
  • Sender: Email address of the sender.
  • UserName: SMTP server username for authentication.
  • Password: Encrypted password for the SMTP server. Note: Do not change this directly as the server expects it to be encrypted.

Site

Settings for the web server hosting Signotaur.

Note: These settings can and should be updated via the Signotaur installer.

  • Port: Port number the Signotaur server listens on (default: 80 for HTTP, 443 for HTTPS).
  • ExternalHostName: Hostname used to access the Signotaur server externally.
  • UseHttps: When true, the site will use HTTPS for secure connections. A certificate configuration must be specified when using HTTPS.

Certificate

Used for HTTPS setup.

Note: These settings can and should be updated via the Signotaur installer.

  • PfxPath: Path to the .pfx file containing the SSL/TLS certificate.
  • Password: Password for the certificate file.
  • Subject: Specifies the subject of the certificate for looking up in the Windows certificate store. This is an alternative to using a .pfx file. The store name must also be specified.
  • StoreName: Specifies a certificate store name for looking up the certificate by subject.
  • AllowInvalid: If true, Signotaur will allow self-signed or otherwise invalid certificates.

Logging

Defines logging preferences across different outputs. The following minimum log levels can be used set the LogLevel settings:

  • Verbose: Captures everything you might want to know about a running block of code. Use for highly detailed logging.
  • Debug: Internal system events that aren’t observable externally but can help diagnose issues during development.
  • Information: Tracks general application events that are useful for understanding system behaviour under normal operations.
  • Warning: Indicates that some functionality is not working as expected, but the system is still running normally. This level suggests that while the issue may not be critical, it should be monitored or addressed to prevent further impact.
  • Error: Highlights functionality that is unavailable, broken invariants, or lost data. Typically requires immediate attention.
  • Fatal: Represents critical issues that require immediate response.

File

  • LogLevel: Controls the level of logging for file logs (Error, Warning, Information, etc.).
  • LogFileLocation: Optional. Path to the log file. If null, default location at %ProgramData%\VSoft\Signotaur\Server\Logs is used.
  • LogFileSuffix: Optional. Adds a suffix to log files for organization.
  • MaxLogFileSize: Optional. Maximum size for a log file; when reached, a new file is created. The default is 100Mb.

Console

  • LogLevel: Controls the logging level for console output.

Microsoft

  • LogLevel: Specifies the logging level for Microsoft libraries used within the application.

WindowsEventLog

  • LogLevel: Sets the logging level for messages sent to Windows Event Log.

Encryption

Used to secure sensitive data such as passwords in the application.

❗Do not alter these settings unless you are copying keys from one server to another during a migration.

❗Do not lose the key and vector. If you do then the server will not be able to access encrypted data.

  • Key: Encryption key, base64-encoded, used to encrypt sensitive data.
  • Vector: Initialization Vector (IV), also base64-encoded, used in encryption algorithms for added security.