privacyIDEA wthout pi.cfg

Hi there,
I have a server with PI installed by other person. It works correctly.

I’m trying to better understand it, but there is no “pi.cfg” file at all. Searched entire linux server (Centos 7.6 - privacyIDEA 3.3.3) and coudn’t find any pi.cfg file.

How is it possible?

ps -ef | grep python
root 3054 1 0 Sep20 ? 00:15:41 /opt/privacyidea/bin/python /opt/privacyidea/bin/pi-manage runserver --host

First of all, welcome to the privacyIDEA community.

There are several issues here:

  1. You should not use the development server for production use (pi-manage runserver starts the Flask development server). Use a WSGI-capable server software (apache, nginx, gunicorn, …) to serve the web-app.
  2. If no pi.cfg file is present, privacyIDEA uses the default values from here: privacyidea/ which should not be used in production as well since the predefined secrets are well known.

By default, privacyIDEA takes the configuration from /etc/privacyidea/pi.cfg but You can use the environment variable PRIVACYIDEA_CONFIGFILE to point to a different configuration file.