Configuration Reference
All settings are stored in the local SQLite database (settings table) as key-value pairs. Managed via Dashboard → Configuration or directly via ConfigManager.set(key, value).
System
| Key |
Default |
Description |
FRIENDLY_NAME |
DFACS Access Control |
Display name shown in portal and network discovery |
DEVICE_ID |
(auto-generated) |
Unique device identifier — 12 random chars + 4-digit MAC suffix |
DEBUG_LEVEL |
INFO |
Log verbosity: DEBUG, INFO, WARNING, ERROR |
ACCESS_LOG_RETENTION_DAYS |
90 |
Days to retain access log entries before auto-purge |
FAILSAFE_ENABLED |
true |
Auto-unlock door if memory usage exceeds 85% |
MODE |
API |
Operation mode: API (gym software) or Standalone (CSV) |
API_TYPE |
Antaris |
Active integration when MODE=API |
Hardware — Relay
| Key |
Default |
Description |
RELAY_PORT |
COM3 |
Serial port for relay controller |
RELAY_TYPE |
DragonFly |
Relay hardware: DragonFly, ABC, Dumb |
RELAY_DEFAULT_DURATION |
5 |
Door unlock duration in seconds |
RELAY_MONITOR_ENABLED |
false |
Enable DragonFly relay status monitoring |
RELAY_STATUS_INTERVAL |
5 |
Status check interval in seconds (DragonFly only) |
RELAY_TRACK_RTE |
false |
Track real-time entry sensor occupancy |
RELAY_AUX_TYPE |
RTE |
Auxiliary sensor type |
RELAY_AUX_NORMALLY_OPEN |
true |
Auxiliary relay wiring state |
DragonFly relay serial commands:
| Command |
Action |
0\n |
Unlock for RELAY_DEFAULT_DURATION seconds |
z\n |
Lock relay |
a\n |
Permanently unlock |
ACK\n |
Acknowledge RTE/occupancy counters |
Status response format: STATUS,<lock_state>,<rte_count>,<door_state>,<entry_count>[,<aux_status>]
Lock states: 0 = locked, 1 = temporarily unlocked, 2 = permanently unlocked
Hardware — Barcode Scanner
| Key |
Default |
Description |
BARCODE_PORT |
COM1 |
Serial port (leave blank for USB HID) |
Scanner constants (not configurable):
- Baud rate: 9600
- Debounce: 1.5 seconds between identical scans
- Protocol: CRLF line termination
Hardware — OSDP Reader
| Key |
Default |
Description |
OSDP_ENABLED |
false |
Enable OSDP protocol for card reader |
OSDP_PORT |
— |
Serial port for OSDP reader |
OSDP_BAUD_RATE |
9600 |
Serial baud rate |
OSDP_MASTER_KEY |
0000... |
AES-128 encryption key (32 hex chars) |
OSDP_LED_ALLOWED_COLOR |
Green |
LED color on granted access |
OSDP_LED_DENIED_COLOR |
Red |
LED color on denied access |
OSDP_LED_DURATION |
3 |
LED feedback duration in seconds |
OSDP_EVENT_CRED_TAILGATING |
— |
Card code for tailgating detection |
OSDP_EVENT_CRED_CROSSING |
— |
Card code for reverse crossing |
OSDP_EVENT_CRED_UNAUTHORIZED |
— |
Card code for unauthorized entry |
OSDP_EVENT_CRED_TAILGATING_KNOWN |
— |
Card code for known-user tailgating |
OSDP_EVENT_CRED_2FA_MISMATCH |
— |
Card code for 2FA mismatch |
Hardware — Alcatraz Rock (Biometric)
| Key |
Default |
Description |
ALCATRAZ_ENABLED |
false |
Enable Alcatraz facial authentication |
ALCATRAZ_API_URL |
https://platform.us.alcatraz.ai/api/v2 |
Alcatraz platform API |
ALCATRAZ_API_KEY |
— |
API credential |
ALCATRAZ_DEVICE_ID |
— |
Registered device ID |
ALCATRAZ_POLL_INTERVAL |
10 |
Fallback polling interval in seconds |
ALCATRAZ_AUTO_ENROLL |
false |
Enable automatic enrollment |
ALCATRAZ_AUTO_ENROLL_ON_SCAN |
false |
Enroll on first scan |
ALCATRAZ_AUTO_ENROLL_ON_SYNC |
false |
Enroll during barcode sync |
ALCATRAZ_AUTO_ENROLL_DAYS |
7 |
Days to auto-enroll new members |
ALCATRAZ_AUTO_ENROLL_BATCH_SIZE |
10 |
Members per enrollment batch |
ALCATRAZ_AUTO_ENROLL_INTERVAL |
5 |
Batch processing interval in minutes |
ALCATRAZ_IMAGE_RETENTION_GB |
10 |
Local image storage quota in GB |
ALCATRAZ_BADGE_PAD_ZEROS |
false |
Zero-pad badge numbers |
ALCATRAZ_BADGE_FINAL_LENGTH |
10 |
Final badge length after padding |
Integration — Antaris
| Key |
Default |
Description |
ANTARIS_API_SUBDOMAIN |
— |
Subdomain for CAAP API endpoint |
ANTARIS_API_PASSWORD |
— |
API credential |
ANTARIS_API_LOCATION |
— |
Location identifier |
ANTARIS_UPDATE_INTERVAL |
60 |
Sync interval |
ANTARIS_INTERVAL_UNIT |
seconds |
Unit: seconds, minutes, hours |
Integration — Glofox
| Key |
Default |
Description |
GLOFOX_API_URL |
— |
API base URL |
GLOFOX_API_KEY |
— |
API key |
GLOFOX_API_TOKEN |
— |
Bearer token |
GLOFOX_BRANCH_ID |
— |
Branch identifier |
GLOFOX_UPDATE_INTERVAL |
86400 |
Full sync interval in seconds |
GLOFOX_INTERVAL_UNIT |
seconds |
Interval unit |
Sync: full sync + daily delta. Webhooks supported.
Integration — Zenoti
| Key |
Default |
Description |
ZENOTI_API_KEY |
— |
API key |
ZENOTI_CENTER_ID |
— |
Center/location identifier |
ZENOTI_DELTA_SYNC_INTERVAL |
1 |
Incremental sync interval in days |
ZENOTI_FULL_SYNC_INTERVAL |
7 |
Full sync interval in days |
ZENOTI_CROSS_CENTER_EXPIRATION |
30 |
Cross-center membership validity in days |
ZENOTI_BARCODE_EXPIRATION_SECONDS |
3600 |
Barcode timestamp validity window |
ZENOTI_PAST_DUE_GRACE_DAYS |
0 |
Days past due before access is denied |
Integration — Paramount Acceptance
| Key |
Default |
Description |
PARAMOUNT_ENVIRONMENT |
Test |
Test or Production |
PARAMOUNT_BEARER_TOKEN |
— |
Bearer token credential |
PARAMOUNT_CLUB_AT |
— |
Club AT identifier |
PARAMOUNT_UPDATE_INTERVAL |
1 |
Sync interval in minutes |
Integration — ABC Financial
| Key |
Default |
Description |
ABC_APP_ID |
— |
Application ID |
ABC_APP_KEY |
— |
Application key (encrypted at rest) |
ABC_CLUB_NUMBER |
— |
Club identifier |
ABC_DOOR_ID |
— |
Door hardware ID |
ABC_DOOR_NAME |
— |
Door friendly name |
ABC_SYNC_TIME |
04:00 |
Daily sync time (24-hour) |
ABC_SYNC_PAGE_SIZE |
200 |
Records per sync batch |
ABC_OFFLINE_FIRST |
true |
Check local cache before API |
ABC_CODE |
DOOR_ACCESS |
Access code type |
ABC_OFFLINE_MAX_FAILURES |
3 |
Max API failures before alert |
ABC_OFFLINE_TIMEOUT_MS |
250 |
API timeout in milliseconds |
Integration — Fliip
| Key |
Default |
Description |
FLIIP_SECRET_KEY |
— |
API secret key |
Note: Fliip returns error messages in French — DFACS translates automatically.
Integration — Standalone CSV
| Key |
Default |
Description |
STANDALONE_CSV_FILE |
— |
Path to barcode CSV file |
STANDALONE_UPDATE_INTERVAL |
60 |
File re-read interval |
STANDALONE_INTERVAL_UNIT |
seconds |
Interval unit |
STANDALONE_OVERRIDE_MODE |
false |
Allow any barcode when true |
CSV format: one barcode per line, no header, UTF-8.
Scheduling
| Key |
Default |
Description |
ACCESS_SCHEDULES_ENABLED |
false |
Enable time-based access control |
SCHEDULE_PRECEDENCE_ENABLED |
true |
Use schedule precedence rules |
SCHEDULE_PRECEDENCE_MINUTES |
5 |
Manual override duration in minutes |
WAN / DFACSWAN Portal (MQTT)
| Key |
Default |
Description |
WAN_MQTT_BROKER |
portal.dragonflyacs.ai |
MQTT broker hostname |
WAN_MQTT_PORT |
8883 |
MQTT broker port (TLS) |
WAN_MQTT_USERNAME |
dfacs_client |
MQTT username |
WAN_MQTT_PASSWORD |
(encrypted) |
MQTT password |
WAN_MQTT_USE_TLS |
true |
TLS encryption |
AWS S3 (Alcatraz image storage)
| Key |
Default |
Description |
S3_BUCKET |
— |
S3 bucket name |
S3_ACCESS_KEY_ID |
— |
AWS access key |
S3_SECRET_ACCESS_KEY |
— |
AWS secret key (encrypted at rest) |
S3_REGION |
us-west-2 |
AWS region |
SMS / Twilio (local fallback)
| Key |
Default |
Description |
TWILIO_ACCOUNT_SID |
— |
Twilio account SID |
TWILIO_AUTH_TOKEN |
— |
Auth token (encrypted at rest) |
TWILIO_PHONE_NUMBER |
— |
Sender phone number |
Used as a fallback when MQTT-based SMS relay via DFACSWAN is unavailable.
Security Events
| Key |
Default |
Description |
SECURITY_EVENT_TAILGATING_ENABLED |
true |
Log tailgating events |
SECURITY_EVENT_UNAUTHORIZED_ENABLED |
true |
Log unauthorized entry events |
SECURITY_EVENT_CROSSING_ENABLED |
true |
Log reverse crossing events |
Security event types: tailgating_known, tailgating_unknown, crossing, unauthorized_entry, 2fa_mismatch
Notifications rate-limited to 1 per event type per 5 minutes.