Configuration
InvenTree Configuration¶
While many InvenTree options can be configured at "run time" (see System Settings), there are a number of system configuration parameters which need to be set before running InvenTree. Admin users will need to adjust the InvenTree installation to meet the particular needs of their setup. For example, pointing to the correct database backend, or specifying a list of allowed hosts.
InvenTree system settings can be specified either via environment variables, or in a configuration file.
Configuration File¶
To support install specific settings, a simple configuration file config.yaml is provided. This configuration file is loaded by the InvenTree server at runtime. Settings specific to a given install should be adjusted in config.yaml.
Configuration File Location¶
The InvenTree server tries to locate the config.yaml configuration file on startup, in the following locations:
- Location is specified by the
INVENTREE_CONFIG_FILEenvironment variable - Located in the same local directory as the InvenTree source code
Config File Location
When the InvenTree server boots, it will report the location where it expects to find the configuration file
Configuration File Template¶
The configuration file template can be found on GitHub, and is shown below:
Configuration File Template
# InvenTree Configuration Template
# Ref: https://docs.inventree.org/en/stable/start/config/
# Note: Environment variables take precedence over values set in this file
# Secret key for backend
# Use the environment variable INVENTREE_SECRET_KEY_FILE
#secret_key_file: '/etc/inventree/secret_key.txt'
# Use the environment variable INVENTREE_OIDC_PRIVATE_KEY or INVENTREE_OIDC_PRIVATE_KEY_FILE
#oidc_private_key: '-----BEGIN PRIVATE KEY-----aaa'
#oidc_private_key_file: '/etc/inventree/oidc.key'
# Database backend selection - Configure backend database settings
# Documentation: https://docs.inventree.org/en/latest/start/config/
# Note: Database configuration options can also be specified from environmental variables,
# with the prefix INVENTREE_DB_
# e.g INVENTREE_DB_NAME / INVENTREE_DB_USER / INVENTREE_DB_PASSWORD
# Do not change this section if you are using the package - use `inventree config` instead
# TO MAINTAINERS: Do not change database strings
database:
# --- Available options: ---
# ENGINE: Database engine. Selection from:
# - mysql
# - postgresql
# - sqlite3
# NAME: Database name
# USER: Database username (if required)
# PASSWORD: Database password (if required)
# HOST: Database host address (if required)
# PORT: Database host port (if required)
# Base URL for the InvenTree server (or use the environment variable INVENTREE_SITE_URL)
# site_url: 'http://localhost:8000'
# Set debug to False to run in production mode, or use the environment variable INVENTREE_DEBUG
debug: False
# Additional debug options
debug_querycount: False
debug_silk: False
debug_silk_profiling: False
debug_shell: False
# Set to False to disable the admin interface, or use the environment variable INVENTREE_ADMIN_ENABLED
#admin_enabled: True
# Set the admin URL, or use the environment variable INVENTREE_ADMIN_URL
#admin_url: 'admin'
# Add new user on first startup by either adding values here or from a file
#admin_user: admin
#admin_email: info@example.com
#admin_password: inventree
#admin_password_file: '/etc/inventree/admin_password.txt'
# Configure the system logging level (or use environment variable INVENTREE_LOG_LEVEL)
# Options: DEBUG / INFO / WARNING / ERROR / CRITICAL
log_level: WARNING
# Configure if logs should be output in JSON format
# Use environment variable INVENTREE_JSON_LOG
json_log: False
# Enable database-level logging, or use the environment variable INVENTREE_DB_LOGGING
db_logging: False
# Enable writing a log file, or use the environment variable INVENTREE_WRITE_LOG
write_log: False
# Enable writing logs to the console (stdout), or use the environment variable INVENTREE_CONSOLE_LOG
console_log: True
# Select default system language , or use the environment variable INVENTREE_LANGUAGE
language: en-us
# System time-zone (default is UTC). Reference: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
timezone: UTC
# Email backend configuration
# See https://docs.inventree.org/en/stable/settings/email for more information on email configuration
# You can either use (1) SMTP, (2) console or (3) anymail backends
# 1 (SMTP) : Ref: https://docs.djangoproject.com/en/dev/topics/email/
# 2 (Console): Ref: https://docs.djangoproject.com/en/dev/topics/email/#console-backend
# 3 (Anymail): Ref: https://anymail.dev/en/stable/esps/
# Alternatively, these options can all be set using environment variables,
# with the INVENTREE_EMAIL_ prefix:
# e.g. INVENTREE_EMAIL_HOST / INVENTREE_EMAIL_PORT / INVENTREE_EMAIL_USERNAME
email:
sender: '' # 'inventree@example.org'
# For 1
# backend: 'django.core.mail.backends.smtp.EmailBackend'
host: ''
port: 25
username: ''
password: ''
tls: False
ssl: False
# For 2
# backend: 'django.core.mail.backends.console.EmailBackend'
# For 3
# backend: 'anymail.backends.mailjet.EmailBackend'
# anymail:
# MAILJET_API_KEY: abc456
# MAILJET_SECRET_KEY: def123
# WEBHOOK_SECRET: random:random # generate a random string for webhook secret
# Set sentry_enabled to True to report errors back to the maintainers
# Set sentry,dsn to your custom DSN if you want to use your own instance for error reporting
sentry_enabled: False
#sentry_sample_rate: 0.1
#sentry_dsn: https://custom@custom.ingest.sentry.io/custom
# OpenTelemetry tracing/metrics - disabled by default - refer to the documentation for full list of options
# This can be used to send tracing data, logs and metrics to OpenTelemetry compatible backends
tracing:
enabled: false
# Set this variable to True to enable InvenTree Plugins, or use the environment variable INVENTREE_PLUGINS_ENABLED
plugins_enabled: False
#plugin_noinstall: True
#plugin_file: '/path/to/plugins.txt'
#plugin_dir: '/path/to/plugins/'
# Set this variable to True to enable auto-migrations, or use the environment variable INVENTREE_AUTO_UPDATE
auto_update: False
# Allowed hosts (see ALLOWED_HOSTS in Django settings documentation)
# A list of strings representing the host/domain names that this Django site can serve.
# Default behaviour is to allow all hosts (THIS IS NOT SECURE!)
allowed_hosts:
- '*'
# Trusted origins (see CSRF_TRUSTED_ORIGINS in Django settings documentation)
# If you are running behind a proxy, you may need to add the proxy address here
# trusted_origins:
# - 'http://localhost'
# - 'http://*.localhost'
# Enable Proxy header passthrough
# Override with the environment variable INVENTREE_USE_X_FORWARDED_<HEADER>
# use_x_forwarded_host: true
# use_x_forwarded_port: true
# use_x_forwarded_proto: true
# Cookie settings (nominally the default settings should be fine)
# cookie:
# secure: false
# samesite: false
# Cross Origin Resource Sharing (CORS) settings (see https://github.com/adamchainz/django-cors-headers)
cors:
allow_all: true
allow_credentials: true
# whitelist:
# - https://example.com
# - https://sub.example.com
# regex:
# MEDIA_ROOT is the local filesystem location for storing uploaded files
#media_root: '/home/inventree/data/media'
# STATIC_ROOT is the local filesystem location for storing static files
#static_root: '/home/inventree/data/static'
# INVENTREE_BACKUP_DIR is the local filesystem location for storing backups
#backup_dir: '/home/inventree/data/backup'
# Background worker options
background:
workers: 4
timeout: 90
max_attempts: 5
# External cache configuration (refer to the documentation for full list of options)
cache:
enabled: false
host: 'inventree-cache'
port: 6379
# Login configuration
login_confirm_days: 3
login_attempts: 5
login_default_protocol: http
# Remote / proxy login
# These settings can introduce security problems if configured incorrectly. Please read
# https://docs.djangoproject.com/en/4.2/howto/auth-remote-user/ for more details
# The header name should be prefixed by `HTTP`. Please read the docs for more details
# https://docs.djangoproject.com/en/stable/ref/request-response/#django.http.HttpRequest.META
remote_login_enabled: False
remote_login_header: HTTP_REMOTE_USER
# Logout redirect configuration
# This setting may be required if using remote / proxy login to redirect requests
# during the logout process (default is 'index'). Please read the docs for more details
# https://docs.djangoproject.com/en/stable/ref/settings/#logout-redirect-url
#logout_redirect_url: 'index'
# Add SSO login-backends (see examples below)
# social_backends:
# - 'allauth.socialaccount.providers.google'
# - 'allauth.socialaccount.providers.github'
# Add specific settings for social account providers (if required)
# Refer to the django-allauth documentation for more details:
# https://docs.allauth.org/en/latest/socialaccount/provider_configuration.html
# social_providers:
# github:
# VERIFIED_EMAIL: true
# Add LDAP support (refer to the documentation for available options)
# Ref: https://docs.inventree.org/en/stable/start/advanced/#ldap
ldap:
enabled: false
# Customization options
# Ref: https://docs.inventree.org/en/stable/start/config/#customization-options
# customize:
# site_header: 'Custom Admin Panel' # Django admin panel header text
# login_message: InvenTree demo instance - <a href='https://inventree.org/demo.html'> Click here for login details</a>
# navbar_message: <h6>InvenTree demo mode <a href='https://inventree.org/demo.html'><span class='fas fa-info-circle'></span></a></h6>
# hide_admin_link: true
# hide_password_reset: true
# logo: img/custom_logo.png
# splash: img/custom_splash.jpg
# Override global settings
#global_settings:
# INVENTREE_DEFAULT_CURRENCY: 'CNY'
# INVENTREE_RESTRICT_ABOUT: true
# Storage configuration
# Ref: https://docs.inventree.org/en/stable/start/config/#storage-backends
storage:
target: local # s3, sftp
# s3:
# access_key: 'abc123-key'
# secret_key: 'abc123-secret'
# bucket_name: 'my-bucket'
# region_name: 'fsn1'
# endpoint_url: 'https://fsn1.your-objectstorage.com'
# location: 'inventree-server_subdir'
# default_acl: private
# verify_ssl: true
# overwrite: true
# virtual: true
# sftp:
# host: 'sftp://ftp-target.example.org:22'
# uid: 1000
# gid: 1000
# location: 'inventree-server_subdir'
# params:
# # See https://docs.paramiko.org/en/latest/api/client.html#paramiko.client.SSHClient.connect
# port: 22
# username: 'user'
# password: 'pwd'
# compress: False
Template File
The default configuration file (as defined by the template linked above) will be copied to the specified configuration file location on first run, if a configuration file is not found in that location.
Restart Server
The contents of the configuration file are read when the InvenTree server first launches. If any changes are made to the configuration file, ensure that the server is restarted, so that the changes can be made operational.
Environment Variables¶
In addition to specifying InvenTree options via the config.yaml file, these options can also be specified via environment variables. This can be useful for system administrators who want the flexibility of altering settings without editing the configuration file.
Environment variable settings generally use the INVENTREE_ prefix, and are all uppercase.
Configuration Priority
Configuration options set via environment variables will take priority over the values set in the config.yaml file. This can be useful for overriding specific settings without needing to edit the configuration file.
Available Variables
Some configuration options cannot be set via environment variables. Refer to the documentation below.
List Values¶
To specify a list value in an environment variable, use a comma-separated list. For example, to specify a list of trusted origins:
INVENTREE_TRUSTED_ORIGINS='https://inventree.example.com:8443,https://stock.example.com:8443'
Basic Options¶
The following basic options are available:
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_SITE_URL | site_url | Specify a fixed site URL | Not specified |
| INVENTREE_TIMEZONE | timezone | Server timezone | UTC |
| INVENTREE_ADMIN_ENABLED | admin_enabled | Enable the django administrator interface | True |
| INVENTREE_ADMIN_URL | admin_url | URL for accessing admin interface | admin |
| INVENTREE_LANGUAGE | language | Default language | en-us |
| INVENTREE_AUTO_UPDATE | auto_update | Database migrations will be run automatically | False |
Site URL¶
The INVENTREE_SITE_URL option defines the base URL for the InvenTree server. This is a critical setting, and it is required for correct operation of the server. If not specified, the server will attempt to determine the site URL automatically - but this may not always be correct!
The site URL is the URL that users will use to access the InvenTree server. For example, if the server is accessible at https://inventree.example.com, the site URL should be set to https://inventree.example.com. Note that this is not necessarily the same as the internal URL that the server is running on - the internal URL will depend entirely on your server configuration and may be obscured by a reverse proxy or other such setup.
Timezone¶
By default, the InvenTree server is configured to use the UTC timezone. This can be adjusted to your desired local timezone. You can refer to Wikipedia for a list of available timezones. Use the values specified in the TZ Identifier column in the linked page. For example, to change to the United States Pacific timezone, set INVENTREE_TIMEZONE='America/Los_Angeles'.
Date and time values are stored in the database in UTC format, and are converted to the selected timezone for display in the user interface or API.
Auto Update¶
By default, the InvenTree server will not automatically apply database migrations. When the InvenTree installation is updated (or a plugin is installed which requires database migrations), database migrations must be applied manually by the system administrator.
With "auto update" enabled, the InvenTree server will automatically apply database migrations as required when plugins are changed. To enable automatic database updates, set INVENTREE_AUTO_UPDATE to True. However, this setting is not sufficient when updating your InvenTree installation - you must still ensure that you follow the required steps for updating InvenTree as per your installation method.
Debugging and Logging Options¶
The following debugging / logging options are available:
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_DEBUG | debug | Enable debug mode | False |
| INVENTREE_DEBUG_QUERYCOUNT | debug_querycount | Enable support for django-querycount middleware. | False |
| INVENTREE_DEBUG_SILK | debug_silk | Enable support for django-silk profiling tool. | False |
| INVENTREE_DEBUG_SILK_PROFILING | debug_silk_profiling | Enable detailed profiling in django-silk | False |
| INVENTREE_DB_LOGGING | db_logging | Enable logging of database messages | False |
| INVENTREE_LOG_LEVEL | log_level | Set level of logging to terminal | WARNING |
| INVENTREE_JSON_LOG | json_log | log as json | False |
| INVENTREE_WRITE_LOG | write_log | Enable writing of log messages to file at config base | False |
| INVENTREE_CONSOLE_LOG | console_log | Enable logging to console | True |
Debug Mode¶
Enabling the INVENTREE_DEBUG setting will turn on Django debug mode. This mode is intended for development purposes, and should not be enabled in a production environment. Read more about InvenTree debug mode.
In debug mode, there are additional profiling tools available to help developers analyze and optimize performance.
Server Access¶
Depending on how your InvenTree installation is configured, you will need to pay careful attention to the following settings. If you are running your server behind a proxy, or want to adjust support for CORS requests, one or more of the following settings may need to be adjusted.
Advanced Users
The following settings require a certain assumed level of knowledge. You should also refer to the django documentation for more information.
Not Secure
Allowing access from any host is not secure, and should be adjusted for your installation.
Environment Variables
Note that a provided environment variable will override the value provided in the configuration file.
INVENTREE_SITE_URL
If you have specified the INVENTREE_SITE_URL, this will automatically be used as a trusted CSRF and CORS host (see below).
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_ALLOWED_HOSTS | allowed_hosts | List of allowed hosts | * |
| INVENTREE_TRUSTED_ORIGINS | trusted_origins | List of trusted origins. Refer to the django documentation | Uses the INVENTREE_SITE_URL parameter, if set. Otherwise, an empty list. |
| INVENTREE_CORS_ORIGIN_ALLOW_ALL | cors.allow_all | Allow all remote URLS for CORS checks | False |
| INVENTREE_CORS_ORIGIN_WHITELIST | cors.whitelist | List of whitelisted CORS URLs. Refer to the django-cors-headers documentation | Uses the INVENTREE_SITE_URL parameter, if set. Otherwise, an empty list. |
| INVENTREE_CORS_ORIGIN_REGEX | cors.regex | List of regular expressions for CORS whitelisted URL patterns | Empty list |
| INVENTREE_CORS_ALLOW_CREDENTIALS | cors.allow_credentials | Allow cookies in cross-site requests | True |
| INVENTREE_SITE_LAX_PROTOCOL | site_lax_protocol | Ignore protocol mismatches on INVE-E7 site checks | True |
| INVENTREE_USE_X_FORWARDED_HOST | use_x_forwarded_host | Use forwarded host header | False |
| INVENTREE_USE_X_FORWARDED_PORT | use_x_forwarded_port | Use forwarded port header | False |
| INVENTREE_USE_X_FORWARDED_PROTO | use_x_forwarded_proto | Use forwarded protocol header | False |
| INVENTREE_SESSION_COOKIE_SECURE | cookie.secure | Enforce secure session cookies | False |
| INVENTREE_COOKIE_SAMESITE | cookie.samesite | Session cookie mode. Must be one of Strict | Lax | None | False. Refer to the mozilla developer docs and the django documentation for more information. |
False |
Debug Mode¶
Note that in debug mode, some of the above settings are automatically adjusted to allow for easier development. The following settings are internally overridden in debug mode with the values specified below:
| Setting | Value in Debug Mode | Description |
|---|---|---|
INVENTREE_ALLOWED_HOSTS |
* |
Allow all host in debug mode |
CSRF_TRUSTED_ORIGINS |
Value is appended to allow http://*.localhost:* |
Allow all connections from localhost, for development purposes |
INVENTREE_COOKIE_SAMESITE |
False |
Disable all same-site cookie checks in debug mode |
INVENTREE_SESSION_COOKIE_SECURE |
False |
Disable secure session cookies in debug mode (allow non-https cookies) |
Cookie Settings¶
Note that if you set the INVENTREE_COOKIE_SAMESITE to None, then INVENTREE_SESSION_COOKIE_SECURE is automatically set to True to ensure that the session cookie is secure! This means that the session cookie will only be sent over secure (https) connections.
Proxy Considerations¶
If you are running InvenTree behind a proxy, or forwarded HTTPS connections, you will need to ensure that the InvenTree server is configured to listen on the correct host and port. You will likely have to adjust the INVENTREE_ALLOWED_HOSTS setting to ensure that the server will accept requests from the proxy.
Additionally, you may need to configure the following header to ensure that the InvenTree server is watching for information forwarded by the proxy:
X-Forwarded-Host
By default, InvenTree will not look at the X-Forwarded-Host header.
If you are running InvenTree behind a proxy which obscures the upstream host information, you will need to ensure that the INVENTREE_USE_X_FORWARDED_HOST setting is enabled. This will ensure that the InvenTree server uses the forwarded host header for processing requests.
You can also refer to the Django documentation for more information on this header.
X-Forwarded-Port
InvenTree provides support for the X-Forwarded-Port header, which can be used to determine if the incoming request is using a forwarded port. If you are running InvenTree behind a proxy which forwards port information, you should ensure that the INVENTREE_USE_X_FORWARDED_PORT setting is enabled.
Note: This header is overridden by the X-Forwarded-Host header.
You can also refer to the Django documentation for more information on this header.
X-Forwarded-Proto
InvenTree provides support for the X-Forwarded-Proto header, which can be used to determine if the incoming request is using HTTPS, even if the server is running behind a proxy which forwards SSL connections. If you are running InvenTree behind a proxy which forwards SSL connections, you should ensure that the INVENTREE_USE_X_FORWARDED_PROTO setting is enabled.
You can also refer to the Django documentation for more information on this header.
Proxy configuration can be complex, and any configuration beyond the basic setup is outside the scope of this documentation. You should refer to the documentation for the specific proxy server you are using.
Refer to the proxy server documentation for more information.
Admin Site¶
Django provides a powerful administrator interface which can be used to manage the InvenTree database. This interface is enabled by default, and available at the /admin/ URL.
The following admin site configuration options are available:
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_ADMIN_ENABLED | admin_enabled | Enable the django administrator interface | True |
| INVENTREE_ADMIN_URL | admin_url | URL for accessing the admin interface | admin |
Security
Changing the admin URL is a simple way to improve security, but it is not a substitute for proper security practices.
Administrator Account¶
An administrator account can be specified using the following environment variables:
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_ADMIN_USER | admin_user | Admin account username | Not specified |
| INVENTREE_ADMIN_PASSWORD | admin_password | Admin account password | Not specified |
| INVENTREE_ADMIN_PASSWORD_FILE | admin_password_file | Admin account password file | Not specified |
| INVENTREE_ADMIN_EMAIL | admin_email | Admin account email address | Not specified |
You can either specify the password directly using INVENTREE_ADMIN_PASSWORD, or you can specify a file containing the password using INVENTREE_ADMIN_PASSWORD_FILE (this is useful for nix users).
Administrator Account
Providing INVENTREE_ADMIN credentials will result in the provided account being created with superuser permissions when InvenTree is started.
Secret Key Material¶
InvenTree requires secret keys for providing cryptographic signing and oidc private keys- this should be a secret (and unpredictable) value.
Auto-Generated material
If none of the following options are specified, InvenTree will automatically generate a secret key file (stored in secret_key.txt) and a oidc key file (stored in oidc.pem) on first run.
The secret key material can be provided in multiple ways, with the following (descending) priorities:
Pass Secret Key Material via Environment Variable
A secret key string can be passed directly using the environment variable INVENTREE_SECRET_KEY
A oidc private key can be passed directly using the environment variable INVENTREE_OIDC_PRIVATE_KEY
Pass Secret Key Material File via Environment Variable
A file containing the secret key can be passed via the environment variable INVENTREE_SECRET_KEY_FILE
A PEM-encoded file containing the oidc private key can be passed via the environment variable INVENTREE_OIDC_PRIVATE_KEY_FILE
Fallback to Default Secret Key Material
If not specified via environment variables, the fallback files (automatically generated as part of InvenTree installation) will be used.
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_SECRET_KEY | secret_key | Raw secret key value | Not specified |
| INVENTREE_SECRET_KEY_FILE | secret_key_file | File containing secret key value | Not specified |
| INVENTREE_OIDC_PRIVATE_KEY | oidc_private_key | Raw private key value | Not specified |
| INVENTREE_OIDC_PRIVATE_KEY_FILE | oidc_private_key_file | File containing private key value in PEM format | Not specified |
Database Options¶
InvenTree provides support for multiple database backends - any backend supported natively by Django can be used.
Database options are specified under the database heading in the configuration file. Any option available in the Django documentation can be used here - it is passed through transparently to the management scripts.
The following database options can be configured:
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_DB_ENGINE | database.ENGINE | Database backend | Not specified |
| INVENTREE_DB_NAME | database.NAME | Database name | Not specified |
| INVENTREE_DB_USER | database.USER | Database username (if required) | Not specified |
| INVENTREE_DB_PASSWORD | database.PASSWORD | Database password (if required) | Not specified |
| INVENTREE_DB_HOST | database.HOST | Database host address (if required) | Not specified |
| INVENTREE_DB_PORT | database.PORT | Database host port (if required) | Not specified |
Database Password
The value specified for INVENTREE_DB_PASSWORD should not contain comma , or colon : characters, otherwise the connection to the database may fail.
PostgreSQL Settings¶
If running with a PostgreSQL database backend, the following additional options are available:
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_DB_TIMEOUT | database.timeout | Database connection timeout (s) | 2 |
| INVENTREE_DB_TCP_KEEPALIVES | database.tcp_keepalives | TCP keepalive | 1 |
| INVENTREE_DB_TCP_KEEPALIVES_IDLE | database.tcp_keepalives_idle | Idle TCP keepalive | 1 |
| INVENTREE_DB_TCP_KEEPALIVES_INTERNAL | database.tcp_keepalives_internal | Internal TCP keepalive | 1 |
| INVENTREE_DB_TCP_KEEPALIVES_COUNT | database.tcp_keepalives_count | TCP keepalive count | 5 |
| INVENTREE_DB_ISOLATION_SERIALIZABLE | database.serializable | Database isolation level configured to "serializable" | False |
MySQL Settings¶
If running with a MySQL database backend, the following additional options are available:
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_DB_ISOLATION_SERIALIZABLE | database.serializable | Database isolation level configured to "serializable" | False |
Caching¶
InvenTree can be configured to use redis as a global cache backend. Enabling a global cache can provide significant performance improvements for InvenTree.
Cache Server¶
Enabling global caching requires connection to a redis server (which is separate from the InvenTree database and web server). Setup and configuration of this server is outside the scope of this documentation. It is assumed that if you are configuring a cache server, you have already set one up, and are comfortable configuring it.
Docker Support
If you are running InvenTree under docker, we provide a redis container as part of our docker compose file - so redis caching works out of the box.
Cache Settings¶
The following cache settings are available:
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_CACHE_ENABLED | cache.enabled | Enable redis caching | False |
| INVENTREE_CACHE_HOST | cache.host | Cache server host | Not specified |
| INVENTREE_CACHE_PORT | cache.port | Cache server port | 6379 |
| INVENTREE_CACHE_PASSWORD | cache.password | Cache server password | none |
| INVENTREE_CACHE_USER | cache.user | Cache server username | none |
| INVENTREE_CACHE_CONNECT_TIMEOUT | cache.connect_timeout | Cache connection timeout (seconds) | 3 |
| INVENTREE_CACHE_TIMEOUT | cache.timeout | Cache timeout (seconds) | 3 |
| INVENTREE_CACHE_TCP_KEEPALIVE | cache.tcp_keepalive | Cache TCP keepalive | True |
| INVENTREE_CACHE_KEEPALIVE_COUNT | cache.keepalive_count | Cache keepalive count | 5 |
| INVENTREE_CACHE_KEEPALIVE_IDLE | cache.keepalive_idle | Cache keepalive idle | 1 |
| INVENTREE_CACHE_KEEPALIVE_INTERVAL | cache.keepalive_interval | Cache keepalive interval | 1 |
| INVENTREE_CACHE_USER_TIMEOUT | cache.user_timeout | Cache user timeout | 1000 |
Cache Password
The value specified for INVENTREE_CACHE_PASSWORD should not contain comma , or colon : characters, otherwise the connection to the cache server may fail.
Email Settings¶
To enable email functionality, email settings must be configured here, either via environment variables or within the configuration file.
The following email settings are available:
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_EMAIL_BACKEND | email.backend | Email backend module | django.core.mail.backends.smtp.EmailBackend |
| INVENTREE_EMAIL_HOST | email.host | Email server host | Not specified |
| INVENTREE_EMAIL_PORT | email.port | Email server port | 25 |
| INVENTREE_EMAIL_USERNAME | email.username | Email account username | Not specified |
| INVENTREE_EMAIL_PASSWORD | email.password | Email account password | Not specified |
| INVENTREE_EMAIL_TLS | email.tls | Enable TLS support | False |
| INVENTREE_EMAIL_SSL | email.ssl | Enable SSL support | False |
| INVENTREE_EMAIL_SENDER | email.sender | Sending email address | Not specified |
| INVENTREE_EMAIL_PREFIX | email.prefix | Prefix for subject text | [InvenTree] |
Email Backend¶
The default email implementation uses the Django STMP backend. This should be sufficient for most implementations, although other backends can be used if required. Note that selection of a different backend requires must use fully qualified module path, and requires advanced knowledge.
Sender Email¶
The "sender" email address is the address from which InvenTree emails are sent (by default) and must be specified for outgoing emails to function:
Fallback
If INVENTREE_EMAIL_SENDER is not provided, the system will fall back to INVENTREE_EMAIL_USERNAME (if the username is a valid email address)
File Storage Locations¶
InvenTree requires some external directories for storing files:
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_STATIC_ROOT | static_root | Static files directory | Not specified |
| INVENTREE_MEDIA_ROOT | media_root | Media files directory | Not specified |
| INVENTREE_BACKUP_DIR | backup_dir | Backup files directory | Not specified |
Serving Files
Read the proxy server documentation for more information on hosting static and media files
Static File Storage¶
Static files require a local directory for storage. This directory should be specified with the static_root option in the config file based on the particular installation requirements.
Alternatively this location can be specified with the INVENTREE_STATIC_ROOT environment variable.
Required
The static file directory must be specified, or the server will not start
Uploaded File Storage¶
Uploaded media files require a local directory for storage. This directory should be specified with the media_root option in the config file based on the particular installation requirements.
Alternatively this location can be specified with the INVENTREE_MEDIA_ROOT environment variable.
Required
The media file directory must be specified, or the server will not start
Backup File Storage¶
Database and media backups require a local directory for storage. This directory should be specified with the backup_dir option in the config file based on the particular installation requirements.
Alternatively this location can be specified with the INVENTREE_BACKUP_DIR environment variable.
Storage backends¶
It is also possible to use alternative storage backends for static and media files, at the moment there is direct provide direct support bundled for S3 and SFTP. Google cloud storage and Azure blob storage would also be supported by the used library, but require additional packages to be installed.
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_STORAGE_TARGET | storage.target | Storage target to use for static and media files, valid options: local, s3, sftp | local |
S3¶
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_S3_ACCESS_KEY | storage.s3.access_key | Access key | Not specified |
| INVENTREE_S3_SECRET_KEY | storage.s3.secret_key | Secret key | |
| Not specified | |||
| INVENTREE_S3_BUCKET_NAME | storage.s3.bucket_name | Bucket name, required by most providers | |
| Not specified | |||
| INVENTREE_S3_REGION_NAME | storage.s3.region_name | S3 region name | |
| Not specified | |||
| INVENTREE_S3_ENDPOINT_URL | storage.s3.endpoint_url | Custom S3 endpoint URL, defaults to AWS endpoints if not set | |
| Not specified | |||
| INVENTREE_S3_LOCATION | storage.s3.location | Sub-Location that should be used | inventree-server |
| INVENTREE_S3_DEFAULT_ACL | storage.s3.default_acl | Default ACL for uploaded files, defaults to provider default if not set | Not specified |
| INVENTREE_S3_VERIFY_SSL | storage.s3.verify_ssl | Verify SSL certificate for S3 endpoint | True |
| INVENTREE_S3_OVERWRITE | storage.s3.overwrite | Overwrite existing files in S3 bucket | False |
| INVENTREE_S3_VIRTUAL | storage.s3.virtual | Use virtual addressing style - by default False -> path style, virtual style if True |
False |
SFTP¶
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_SFTP_HOST | storage.sftp.host | SFTP host | Not specified |
| INVENTREE_SFTP_PARAMS | storage.sftp.params | SFTP connection parameters, see https://docs.paramiko.org/en/latest/api/client.html#paramiko.client.SSHClient.connect; e.g. {'port': 22, 'user': 'usr', 'password': 'pwd'} |
Not specified |
| INVENTREE_SFTP_UID | storage.sftp.uid | SFTP user ID - not required | Not specified |
| INVENTREE_SFTP_GID | storage.sftp.gid | SFTP group ID - not required | Not specified |
| INVENTREE_SFTP_LOCATION | storage.sftp.location | Sub-Location that should be used | inventree-server |
Authentication¶
InvenTree provides allowance for additional sign-in options. The following options are not enabled by default, and care must be taken by the system administrator when configuring these settings.
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_MFA_ENABLED | mfa_enabled | Enable or disable multi-factor authentication support for the InvenTree server | True |
| INVENTREE_MFA_SUPPORTED_TYPES | mfa_supported_types | List of supported multi-factor authentication types | recovery_codes,totp,webauthn |
Single Sign On¶
Single Sign On (SSO) allows users to sign in to InvenTree using a third-party authentication provider. This functionality is provided by the django-allauth package.
There are multiple configuration parameters which must be specified (either in your configuration file, or via environment variables) to enable SSO functionality. Refer to the SSO documentation for a guide on SSO configuration.
More Info
Refer to the SSO documentation for more information.
Login Options¶
The login-experience can be altered with the following settings:
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_LOGIN_CONFIRM_DAYS | login_confirm_days | Duration for which confirmation links are valid | 3 |
| INVENTREE_LOGIN_ATTEMPTS | login_attempts | Count of allowed login attempts before blocking user | 5 |
| INVENTREE_LOGIN_DEFAULT_HTTP_PROTOCOL | login_default_protocol | Default protocol to use for login callbacks (e.g. using SSO) | Uses the protocol specified in INVENTREE_SITE_URL, or defaults to http |
Default Protocol
If you have specified INVENTREE_SITE_URL, the default protocol will be used from that setting. Otherwise, the default protocol will be http.
Authentication Backends¶
Custom authentication backends can be used by specifying them here. These can for example be used to add LDAP / AD login to InvenTree
Sentry Integration¶
The InvenTree server can be integrated with the sentry.io monitoring service, for error logging and performance tracking.
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_SENTRY_ENABLED | sentry_enabled | Enable sentry.io integration | False |
| INVENTREE_SENTRY_DSN | sentry_dsn | Sentry DSN (data source name) key | Defaults to InvenTree developer key |
| INVENTREE_SENTRY_SAMPLE_RATE | sentry_sample_rate | How often to send data samples | 0.1 |
Default DSN
If enabled with the default DSN, server errors will be logged to a sentry.io account monitored by the InvenTree developers.
Customization Options¶
The logo and custom messages can be changed/set:
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_CUSTOM_LOGO | customize.logo | Path to custom logo in the static files directory | Not specified |
| INVENTREE_CUSTOM_SPLASH | customize.splash | Path to custom splash screen in the static files directory | Not specified |
| INVENTREE_CUSTOMIZE | customize.site_header | Custom site header in the Django admin | InvenTree Admin |
| INVENTREE_CUSTOMIZE | customize.login_message | Custom message for login page | Not specified |
| INVENTREE_CUSTOMIZE | customize.navbar_message | Custom message for navbar | Not specified |
The INVENTREE_CUSTOMIZE environment variable must contain a json object with the keys from the table above and the wanted values. Example:
INVENTREE_CUSTOMIZE={"login_message":"Hello World"}
This example sets a login message. Take care of the double quotes.
If you want to remove the InvenTree branding as far as possible from your end-user also check the global server settings.
Custom Splash Screen Path
The provided custom splash screen path must be specified relative to the location of the /static/ directory.
Custom Logo Path
The provided custom logo path must be specified relative to the location of the /static/ directory.
Frontend Options¶
Set the INVENTREE_FRONTEND_SETTINGS Environment variable to a JSON object or use frontend_settings in the configuration file with the following options:
| Option | Description | Default |
|---|---|---|
base_url |
Set the base URL for the user interface. This is the UI path e.g. '/web/' | web |
api_host |
If provided, specify the API host | None |
server_list |
Set the server list. {} |
[] |
debug |
Set the debug mode | Server debug mode |
environment |
development or production |
development if Server is in debug mode |
show_server_selector |
In debug mode, show server selector by default. If no servers are specified, show server selector. | |
url_compatibility |
Support compatibility with "legacy" URLs? | true |
sentry_dsn |
Set a Sentry DSN url | Not specified |
mobile_mode |
Controls if InvenTree web UI can be used by mobile devices. There are 3 options: default - does not allow mobile devices; allow-ignore - shows a mobile device detected banner with a button to ignore this warning AT THE USERS OWN RISK; allow-always - skips the mobile check and allows mobile devices always (of course at the server admins OWN RISK) |
default |
E.g. to allow mobile devices to ignore the mobile check, use the following Environment variable:
INVENTREE_FRONTEND_SETTINGS='{"mobile_mode": "allow-ignore"}'
Plugin Options¶
The following plugin configuration options are available:
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| INVENTREE_PLUGINS_ENABLED | plugins_enabled | Enable plugin support | False |
| INVENTREE_PLUGIN_NOINSTALL | plugin_noinstall | Disable Plugin installation via API - only use plugins.txt file | False |
| INVENTREE_PLUGIN_FILE | plugins_plugin_file | Location of plugin installation file | Not specified |
| INVENTREE_PLUGIN_DIR | plugins_plugin_dir | Location of external plugin directory | Not specified |
| INVENTREE_PLUGINS_MANDATORY | plugins_mandatory | List of plugins which are considered mandatory | Not specified |
| INVENTREE_PLUGIN_DEV_SLUG | plugin_dev.slug | Specify plugin to run in development mode | Not specified |
| INVENTREE_PLUGIN_DEV_HOST | plugin_dev.host | Specify host for development mode plugin | http://localhost:5174 |
Override Global Settings¶
If required, global settings values can be overridden by the system administrator.
To override global settings, provide a "dictionary" of settings overrides in the configuration file, or via an environment variable.
| Environment Variable | Configuration File | Description | Default |
|---|---|---|---|
| GLOBAL_SETTINGS_OVERRIDES | global_settings_overrides | JSON object containing global settings overrides | Not specified |