ctfd-setup configuration file (SchemaStore) JSON Schema

Type	Config
File match	`.ctfd.yaml`
Schema URL	https://catalog.lintel.tools/schemas/schemastore/ctfd-setup-configuration-file/latest.json
Source	https://www.schemastore.org/ctfd.json

Accounts object

Accounts parameters, like rate limiting or default permissions

domain_whitelist string

The domain whitelist (a list separated by colons) to allow users to have email addresses from

domain_blacklist string

The domain blacklist (a list separated by colons) to blocks users to have email addresses from

verify_emails boolean

Whether to verify emails once a user register or not

team_creation boolean

Whether to allow team creation by players or not

team_size integer

Maximum size (number of players) in a team

password_min_length integer

Minimal length of passwords

num_teams integer

The total number of teams allowed

num_users integer

The total number of users allowed

team_disbanding string

Whether to allow teams to be disbanded or not. Could be inactive_only or disabled

incorrect_submissions_per_minute integer

Maximum number of invalid submissions per minute (per user/team). We suggest you use it as part of an anti-brute-force strategy (rate limiting)

name_changes boolean

Whether a user can change its name or not

Admin object

Admin accesses

name object | string required

email object | string required

password object | string required

Appearance object

Appearance of the CTFd

name string required

The name of your CTF, displayed as is

description string required

The description of your CTF, displayed as is

default_locale string

The default language for the users

Challenges object

Challenge-related configurations

view_self_submissions boolean required

Whether a player can see itw own previous submissions

max_attempts_behavior string required

The behavior to adopt in case a player reached the submission rate limiting

Default: "lockout"

Values: "lockout" "timeout"

max_attempts_timeout integer required

The duration of the submission rate limit for further submissions

hints_free_public_access boolean required

Control whether users must be logged in to see free hints

challenge_ratings string required

Who can see and submit challenge ratings

Default: "public"

Values: "public" "private" "disabled"

Config object

appearance object required

Appearance of the CTFd

3 nested properties

name string required

The name of your CTF, displayed as is

description string required

The description of your CTF, displayed as is

default_locale string

The default language for the users

admin object required

Admin accesses

3 nested properties

name object | string required

email object | string required

password object | string required

theme object

Theme displayed to end-users

7 nested properties

logo object | string

small_icon object | string

name string

The frontend theme name

Default: "core"

color string

The frontend theme color

header object | string

footer object | string

settings object | string

accounts object

Accounts parameters, like rate limiting or default permissions

11 nested properties

domain_whitelist string

The domain whitelist (a list separated by colons) to allow users to have email addresses from

domain_blacklist string

The domain blacklist (a list separated by colons) to blocks users to have email addresses from

verify_emails boolean

Whether to verify emails once a user register or not

team_creation boolean

Whether to allow team creation by players or not

team_size integer

Maximum size (number of players) in a team

password_min_length integer

Minimal length of passwords

num_teams integer

The total number of teams allowed

num_users integer

The total number of users allowed

team_disbanding string

Whether to allow teams to be disbanded or not. Could be inactive_only or disabled

incorrect_submissions_per_minute integer

Maximum number of invalid submissions per minute (per user/team). We suggest you use it as part of an anti-brute-force strategy (rate limiting)

name_changes boolean

Whether a user can change its name or not

challenges object

Challenge-related configurations

5 nested properties

view_self_submissions boolean required

Whether a player can see itw own previous submissions

max_attempts_behavior string required

The behavior to adopt in case a player reached the submission rate limiting

Default: "lockout"

Values: "lockout" "timeout"

max_attempts_timeout integer required

The duration of the submission rate limit for further submissions

hints_free_public_access boolean required

Control whether users must be logged in to see free hints

challenge_ratings string required

Who can see and submit challenge ratings

Default: "public"

Values: "public" "private" "disabled"

pages object

Pages global configuration

2 nested properties

robots_txt object | string

additional Page[]

major_league_cyber object

MajorLeagueCyber credentials to register the CTF

2 nested properties

client_id string

The MajorLeagueCyber OAuth ClientID

client_secret string

The MajorLeagueCyber OAuth Client Secret

settings object

Settings for resources visibility

5 nested properties

challenge_visibility string

The visibility for the challenges. Please refer to CTFd documentation (https://docs.ctfd.io/docs/settings/visibility-settings/)

Default: "private"

Values: "public" "private" "admins"

account_visibility string

The visibility for the accounts. Please refer to CTFd documentation (https://docs.ctfd.io/docs/settings/visibility-settings/)

Default: "public"

Values: "public" "private" "admins"

score_visibility string

The visibility for the scoreboard. Please refer to CTFd documentation (https://docs.ctfd.io/docs/settings/visibility-settings/)

Default: "public"

Values: "public" "private" "admins"

registration_visibility string

The visibility for the registration. Please refer to CTFd documentation (https://docs.ctfd.io/docs/settings/visibility-settings/)

Default: "public"

Values: "public" "private" "admins"

paused boolean

Whether the CTFd is paused or not

security object

Security of contents and accesses

2 nested properties

html_sanitization boolean

Whether to turn on HTML sanitization or not

registration_code string

The registration code (secret) to join the CTF

email object

Email rules and server credentials

12 nested properties

registration object required

2 nested properties

subject string

Subject of the email

body string

Body (or content) or the email

confirmation object required

2 nested properties

subject string

Subject of the email

body string

Body (or content) or the email

new_account object required

2 nested properties

subject string

Subject of the email

body string

Body (or content) or the email

password_reset object required

2 nested properties

subject string

Subject of the email

body string

Body (or content) or the email

password_reset_confirmation object required

2 nested properties

subject string

Subject of the email

body string

Body (or content) or the email

from string

The 'From:' to sent to mail with

server string

The mail server to use

port string

The mail server port to reach

username string

The username to log in to the mail server

password string

The password to log in to the mail server

tls_ssl boolean

Whether to turn on TLS/SSL or not

starttls boolean

Whether to turn on STARTTLS or not

time object

Time settings of the CTF

4 nested properties

start string

The start timestamp at which the CTFd will open

end string

The end timestamp at which the CTFd will close

freeze string

The freeze timestamp at which the CTFd will remain open but won't accept any further submissions

view_after boolean

Whether allows users to view challenges after end or not

social object

Social network configuration

2 nested properties

shares boolean

Whether to enable users share they solved a challenge or not

template object | string

legal object

Legal contents for players

2 nested properties

tos object required

2 nested properties

url string

The URL to access the content

content object | string

privacy_policy object required

2 nested properties

url string

The URL to access the content

content object | string

mode string

The mode of your CTFd, either users or teams

Default: "users"

Values: "users" "teams"

uploads Upload[]

Email object

Email rules and server credentials

registration object required

2 nested properties

subject string

Subject of the email

body string

Body (or content) or the email

confirmation object required

2 nested properties

subject string

Subject of the email

body string

Body (or content) or the email

new_account object required

2 nested properties

subject string

Subject of the email

body string

Body (or content) or the email

password_reset object required

2 nested properties

subject string

Subject of the email

body string

Body (or content) or the email

password_reset_confirmation object required

2 nested properties

subject string

Subject of the email

body string

Body (or content) or the email

from string

The 'From:' to sent to mail with

server string

The mail server to use

port string

The mail server port to reach

username string

The username to log in to the mail server

password string

The password to log in to the mail server

tls_ssl boolean

Whether to turn on TLS/SSL or not

starttls boolean

Whether to turn on STARTTLS or not

EmailContent object

subject string

Subject of the email

body string

Body (or content) or the email

ExternalReference object

url string

The URL to access the content

content object | string

File object | string

FromEnv object | string

Legal object

Legal contents for players

tos object required

2 nested properties

url string

The URL to access the content

content object | string

privacy_policy object required

2 nested properties

url string

The URL to access the content

content object | string

MajorLeagueCyber object

MajorLeagueCyber credentials to register the CTF

client_id string

The MajorLeagueCyber OAuth ClientID

client_secret string

The MajorLeagueCyber OAuth Client Secret

Page object

Page to configure and display on the CTFd

title string required

Title of the page

route string required

Route to serve

content object | string required

format string

Format to consume the content

Default: "markdown"

Values: "markdown" "html"

draft boolean

Set the page as a draft

Default: false

hidden boolean

Hide or show the page to users

Default: false

auth_required boolean

Configure whether the page require authentication or not

Default: false

Pages object

Pages global configuration

robots_txt object | string

additional Page[]

Security object

Security of contents and accesses

html_sanitization boolean

Whether to turn on HTML sanitization or not

registration_code string

The registration code (secret) to join the CTF

Settings object

Settings for resources visibility

challenge_visibility string

The visibility for the challenges. Please refer to CTFd documentation (https://docs.ctfd.io/docs/settings/visibility-settings/)

Default: "private"

Values: "public" "private" "admins"

account_visibility string

The visibility for the accounts. Please refer to CTFd documentation (https://docs.ctfd.io/docs/settings/visibility-settings/)

Default: "public"

Values: "public" "private" "admins"

score_visibility string

The visibility for the scoreboard. Please refer to CTFd documentation (https://docs.ctfd.io/docs/settings/visibility-settings/)

Default: "public"

Values: "public" "private" "admins"

registration_visibility string

The visibility for the registration. Please refer to CTFd documentation (https://docs.ctfd.io/docs/settings/visibility-settings/)

Default: "public"

Values: "public" "private" "admins"

paused boolean

Whether the CTFd is paused or not

Social object

Social network configuration

shares boolean

Whether to enable users share they solved a challenge or not

template object | string

Theme object

Theme displayed to end-users

logo object | string

small_icon object | string

name string

The frontend theme name

Default: "core"

color string

The frontend theme color

header object | string

footer object | string

settings object | string

Time object

Time settings of the CTF

start string

The start timestamp at which the CTFd will open

end string

The end timestamp at which the CTFd will close

freeze string

The freeze timestamp at which the CTFd will remain open but won't accept any further submissions

view_after boolean

Whether allows users to view challenges after end or not

Upload object

Upload defines a file or content to upload as per the setup

file object | string required

location string required

Where to upload it. This enables to use a file at a static location in, e.g., custom pages

ctfd-setup configuration file

Validate with Lintel

Definitions