"WANonly":{"type":"boolean","default":false,"description":"When enabled, only MeshCentral WAN features are enabled and agents will connect to the server using a well known DNS name."},
"LANonly":{"type":"boolean","default":false,"description":"When enabled, only MeshCentral LAN features are enabled and agents will find the server using multicast LAN packets."},
"agentPort":{"type":"integer","minimum":1,"maximum":65535,"description":"When set, enabled a new HTTPS server port that only accepts agent connections."},
"agentPortBind":{"type":"string","description":"When set, binds the agent port to a specific network interface."},
"agentAliasPort":{"type":"integer","minimum":1,"maximum":65535,"description":"When set, indicates the actual publically visible agent-only port. If not set, the AgentPort value is used."},
"agentAliasDNS":{"type":"string","format":"hostname","description":"When set, specified the DNS name used by agents to connect to the agent-only port."},
"agentPortTls":{"type":"boolean","default":true,"description":"Indicates if the agent-only port must perform TLS, this should be set to false if TLS is performed in front of this server."},
"agentCoreDump":{"type":"boolean","default":false,"description":"Automatically activates and transfers any agent crash dump files to the server in meshcentral-data/coredumps."},
"allowFraming":{"type":"boolean","default":false,"description":"When enabled, the MeshCentral web site can be embedded within another website's iframe."},
"cookieEncoding":{"type":"string","enum":["hex","base64"],"default":"base64","description":"Encoding format of cookies in the HTTP headers, this is typically Base64 but some reverse proxies will require HEX."},
"webRTC":{"type":"boolean","default":false,"description":"When enabled, allows use of WebRTC to allow direct network traffic between the agent and browser."},
"nice404":{"type":"boolean","default":true,"description":"By default, a nice looking 404 error page is displayed when needed. Set this to false to disable it."},
"clickOnce":{"type":"boolean","default":true,"description":"By default Microsoft ClickOnce support is enabled allowing connection routing from the web site on IE browser and browsers with ClickOnce add-in."},
"selfUpdate":{"type":"boolean","default":false,"description":"When true, this server will attempt to self-update everyday after midnight."},
"browserPing":{"type":"integer","minimum":1,"description":"When specified, sends data to the browser at x seconds interval and expects a response from the browser."},
"browserPong":{"type":"integer","minimum":1,"description":"When specified, sends data to the browser at x seconds interval."},
"agentPing":{"type":"integer","minimum":1,"description":"When specified, sends data to the agent at x seconds interval and expects a response from the agent."},
"agentPong":{"type":"integer","minimum":1,"description":"When specified, sends data to the agent at x seconds interval."},
"orphanAgentUser":{"type":"string","default":null,"description":"If an agent attempts to connect to a unknown device group, automatically create a new device group and grant access to the specified user. Example: admin"},
"agentwscompression":{"type":"boolean","default":true,"description":"Enables agent-side, websocket per-message deflate compression. wscompression must also be true for this to work."},
"authLog":{"type":"string","default":null,"description":"File path and name of the authentication log to be created. This log can be parsed by Fail2ban."},
"description":"When this server is in LAN mode, you may discover this server using a multicast discovery tool. When discovery happens, the name and info fields are sent back to the discovery tool.",
"key":{"type":"string","description":"When set, encrypts all LAN discovery traffic to agents and tools using this key. This is only useful in LAN/Hybrid mode when agents and tools user multicast to find the server."}
"description":"Enabled automated upload of the server backups to a Google Drive account, once enabled you need to go in \"My Server\" tab as administrator to associate the account.",
"properties":{
"folderName":{"type":"integer","default":"MeshCentral-Backups","description":"The name of the folder to create in the Google Drive account."},
"maxFiles":{"type":"string","default":null,"description":"The maximum number of files to keep in the Google Drive folder, older files will be removed if needed."}
"folderName":{"type":"integer","default":"MeshCentral-Backups","description":"The name of the folder to create in the WebDAV account."},
"maxFiles":{"type":"string","default":null,"description":"The maximum number of files to keep in the WebDAV folder, older files will be removed if needed."}
"siteStyle":{"type":"integer","default":1,"description":"Valid numbers are 1 and 2, changes the style of the login page and some secondary pages."},
"title":{"type":"string","default":"MeshCentral","description":"The title of this web site. All web pages will have this title."},
"title2":{"type":"string","default":null,"description":"Secondary title text that is placed on the upper right on the title on many web pages."},
"titlePicture":{"type":"string","default":null,"description":"Web site .png logo file that is 450x66 in size placed in meshcentral-data that is used on the top of many pages."},
"loginPicture":{"type":"string","default":null,"description":"Web site .png logo file placed in meshcentral-data that used on the login page when sitestyle is 2."},
"userNameIsEmail":{"type":"boolean","default":false,"description":"When enabled, the username of each account is also the email address of the account."},
"welcomePicture":{"type":"string","description":"Name of the PNG or JPEG file that will be shown on the login screen. Put this file in the meshcentral-data folder and place the file name here."},
"certUrl":{"type":"string","format":"uri","description":"https url when to get the TLS certificate that MeshAgent's will see when connecting to this server. This setting is used when a reverse proxy like NGINX is used in front of MeshCentral."},
"auth":{"type":"string","default":null,"enum":[null,"sspi","ldap"],"description":"Type of user authentication to use, this can be SSPI on Windows or LDAP. If not set, username/password is used."},
"ldapUserKey":{"type":"string"},
"ldapUserName":{"type":"string"},
"ldapUserEmail":{"type":"string"},
"ldapUserRealName":{"type":"string"},
"ldapUserPhoneNumber":{"type":"string"},
"ldapOptions":{"type":"object","description":"LDAP options passed to ldapauth-fork"},
"agentInviteCodes":{"type":"boolean","default":false,"description":"Enabled a feature where you can set one or more invitation codes in a device group. You can then give a invitation link to users who can use it to download the agent."},
"agentNoProxy":{"type":"boolean","default":false,"description":"When enabled, all newly installed MeshAgents will be instructed to no use a HTTP/HTTPS proxy even if one is configured on the remote system"},
"geoLocation":{"type":"boolean","default":false,"description":"Enables the geo-location feature and device location map in the user interface, this feature is not being worked on."},
"novnc":{"type":"boolean","default":true,"description":"When enabled, activates the built-in web-based noVNC client."},
"mstsc":{"type":"boolean","default":false,"description":"When enabled, activates the built-in web-based RDP client."},
"webEmailsPath":{"type":"string","description":"Path where to find custom email templates for this domain."},
"description":"If your server has a proper DNS name and it public facing on the Internet with a public facing HTTP server on port 80, you can get a free TLS certificate.",
"email":{"type":"string","format":"email","description":"Email address of the administrator of this server. Make sure this is a valid email address otherwise the certificate request will fail."},
"production":{"type":"boolean","default":false,"description":"By default a test certificate will be obtained from Let's Encrypt. Always start by getting a test certificate and make sure that works before setting this to true and obtaining a production certificaite. Making too many bad requests for a production certificate will get you banned for a long period of time."}