Appearance
Configuration Reference
Introduction
- The
main.config.jsonfile is located in theconfig/directory of the project (or/opt/safecall/config/in production). Legacy installations with the file in the root directory are automatically migrated on first run. - Only options that differ from defaults need to be in the config file. Missing options are filled from
config/defaults.tsat startup and written back to the file. - The
web(frontend) service does not have any configuration options of its own but consumes the config of other services in its build process. The entire configuration file is never included in the build process to avoid leaking sensitive information. - This file is generated automatically by the deployment installer or setup wizard.
- After deploying the app, change the password of the default admin user to something secure using the web interface.
Features
The server_features array controls which subsystems are started. Available features:
| Feature | Description |
|---|---|
"bridge" | Zabbix MQTT bridge (can run standalone or alongside others) |
"navigation" | Indoor navigation (maps, zones, tracking canvas) |
"alerting" | Emergency alerting / SOS / KISS integration |
"rtls" | Real-time location system (zone prediction, tracking algorithms) |
"sensors" | Sensor data collection and storage |
"safecall" | Legacy alias — expands to all non-bridge features |
Common configurations:
- Full server + bridge:
["bridge", "safecall"] - Bridge only (e.g. on Zabbix machine):
["bridge"] - Navigation only:
["navigation"] - Custom subset:
["navigation", "alerting"]
Minimal Config Example
Only server_id and server_features are truly required. Everything else has defaults:
json
{
"server_id": "PRD001",
"server_features": ["navigation", "alerting"],
"server_http_port": 8088,
"server_mqtt_url": "mqtt://10.0.0.5:1883",
"server_mqtt_user": "myuser",
"server_mqtt_pass": "mypass"
}Bridge-only installations need even less:
json
{
"server_id": "BRG001",
"server_features": ["bridge"],
"server_bridge_server_url": "http://10.0.0.10:8088/",
"server_bridge_zabbix_host": "localhost"
}All Configurable Options
Core
| Key | Default | Description |
|---|---|---|
server_id | "TST000" | Unique server identifier |
server_features | ["bridge", "safecall"] | Features to enable (see above) |
server_mode | "prod" | Server mode: "prod" or "debug" |
server_http_port | 8088 | Port for the HTTP server |
server_db_path | "db/safecall.db" | Path to the SQLite database file |
server_url_prod | "/" | Production URL of the server |
server_url_ws | "/ws" | WebSocket URL |
Auth / Credentials
| Key | Default | Description |
|---|---|---|
server_credentials_default_email | "admin@example.com" | Default admin email |
server_credentials_default_password | "changeme" | Default admin password |
server_auth_jwt_issuer | "safecall" | JWT issuer |
server_auth_jwt_audience | "safecall" | JWT audience |
server_auth_jwt_expiry | "8h" | JWT token expiry duration |
MQTT
| Key | Default | Description |
|---|---|---|
server_mqtt_url | "mqtt://localhost:1883" | MQTT broker URL |
server_mqtt_user | "safecall" | MQTT broker username |
server_mqtt_pass | "safecall" | MQTT broker password |
Bridge (only used when "bridge" feature is enabled)
| Key | Default | Description |
|---|---|---|
server_bridge_server_url | "http://localhost:8088/" | URL of the SafeCall server |
server_bridge_zabbix_host | "localhost" | Hostname of the Zabbix server |
server_bridge_zabbix_port | 10051 | Port of the Zabbix server |
server_bridge_endpoint_beacon | "lld/beacons" | REST endpoint for beacons |
server_bridge_endpoint_gateway | "lld/gateways" | REST endpoint for gateways |
server_bridge_delay_beacon | 300 | Delay between beacon updates (seconds) |
server_bridge_delay_gateway | 300 | Delay between gateway updates (seconds) |
server_bridge_cache_update_interval | 3600 | Interval for refreshing cache (seconds) |
KISS / Alerting (only used when "alerting" feature is enabled)
| Key | Default | Description |
|---|---|---|
server_kiss_url_base | "" | Base URL for KISS API |
server_kiss_url_path_login | "/api/Mobile/LoginUser" | Path for KISS login endpoint |
server_kiss_url_path_convene | "/api/Mobile/ExecuteConveneByRule" | Path for KISS convene endpoint |
server_kiss_credentials_username | "" | Username for KISS API |
server_kiss_credentials_password | "" | Password for KISS API |
Performance / Devices
| Key | Default | Description |
|---|---|---|
server_devices_cache_sync_interval | 300 | Interval for devices cache sync (seconds) |
server_perf_memory_threshold | 512 | Memory threshold in MB for leak detection |
Notifications
| Key | Default | Description |
|---|---|---|
server_ntfy_enabled | true | Enable ntfy push notifications |
Whitelabel / Brands
The build system supports multiple brand profiles. Set the SAFECALL_BRAND environment variable or use --brand=<name> when building:
bash
# Build for SafeCall (default)
bash scripts/build/server.sh --brand=safecall
# Build for NavBeacon (navigation only, Bleuvista branding)
bash scripts/build/server.sh --brand=navbeaconBrand definitions live in config/brands/. Each brand specifies product name, company, default features, update server URL, and other branding details.