Provider configuration | Environment variables
boruta-server is configured at runtime with environment variables. Those variables define secrets, database connections, public URLs, gateway listeners, service discovery, static configuration files, administration bootstrap values, and DID service integrations.
Core server variables
SECRET_KEY_BASE is the Phoenix secret key base used by the server. It must be at least 64 characters long.
BORUTA_SESSION_COOKIE_KEY defines the session cookie key shared by the web, identity, and administration endpoints. Defaults to _boruta_web_key.
BORUTA_SESSION_COOKIE_SIGNING_SALT defines the signing salt used for the shared session cookie. Defaults to OCKBuS86.
BORUTA_REMEMBER_ME_COOKIE defines the identity remember-me cookie name. Defaults to _boruta_identity_web_user_remember_me.
MAX_LOG_RETENTION_DAYS defines how many days server logs are retained. Defaults to 60.
Database variables
POSTGRES_USER defines the PostgreSQL user used by boruta applications.
POSTGRES_PASSWORD defines the PostgreSQL password used by boruta applications.
POSTGRES_DATABASE defines the PostgreSQL database name.
POSTGRES_HOST defines the PostgreSQL host.
POOL_SIZE defines the PostgreSQL pool size of each application. The total connection count depends on the applications enabled in the release. Defaults to 5.
Cluster variables
LIBCLUSTER_HOSTS defines a comma-separated list of Erlang node names used for Docker Compose discovery, for example boruta@boruta-1,boruta@boruta-2.
K8S_NAMESPACE configures Kubernetes service discovery when it is set together with K8S_SELECTOR.
K8S_SELECTOR configures Kubernetes service discovery when it is set together with K8S_NAMESPACE.
Administration variables
BORUTA_ADMIN_OAUTH_CLIENT_ID defines the OAuth client id used by the administration interface. It is used when seeding the default administration client.
BORUTA_ADMIN_OAUTH_CLIENT_SECRET defines the OAuth client secret used by the administration interface. It is used when seeding the default administration client.
BORUTA_ADMIN_OAUTH_BASE_URL defines the authorization server base URL used by the administration interface, without trailing slash.
BORUTA_ADMIN_EMAIL defines the first administration user email. It is used by the setup task.
BORUTA_ADMIN_PASSWORD defines the first administration user password. It is used by the setup task.
BORUTA_ADMIN_HOST defines the public host where the administration server is deployed.
BORUTA_ADMIN_BIND defines the IP address the administration server binds to.
BORUTA_ADMIN_PORT defines the port where the administration server listens. Defaults to 8081 in releases.
BORUTA_ADMIN_BASE_URL defines the administration HTTP endpoint base URL, without trailing slash.
BORUTA_SUB_RESTRICTED restricts administration access to a single user id when set.
BORUTA_ORGANIZATION_RESTRICTED restricts administration access to a single organization id when set.
OAuth server variables
BORUTA_OAUTH_SCHEME defines the scheme used for OAuth URL generation. Defaults to https.
BORUTA_OAUTH_HOST defines the public host where the OAuth server is deployed.
BORUTA_OAUTH_BIND defines the IP address the OAuth server binds to. Defaults to ::.
BORUTA_OAUTH_PORT defines the port where the OAuth server listens. Defaults to 8080 in releases.
BORUTA_OAUTH_ACCEPTORS defines the number of acceptor processes for the OAuth server. Defaults to 8.
BORUTA_OAUTH_BASE_URL defines the OAuth server HTTP endpoint base URL, without trailing slash.
Gateway variables
BORUTA_GATEWAY_SERVER enables the HTTP gateway listener. Defaults to false in releases.
BORUTA_GATEWAY_PORT defines the HTTP gateway port. Defaults to 8083.
BORUTA_GATEWAY_HTTPS_SERVER enables the HTTPS gateway listener. Defaults to false.
BORUTA_GATEWAY_HTTPS_PORT defines the HTTPS gateway port. Defaults to 8043.
BORUTA_GATEWAY_HTTPS_VERIFY_CLIENT_CERTIFICATE requires and verifies client certificates on the HTTPS gateway listener. Defaults to false.
BORUTA_GATEWAY_SIDECAR enables the HTTP sidecar gateway listener. Defaults to false in releases.
BORUTA_GATEWAY_SIDECAR_PORT defines the HTTP sidecar gateway port. Defaults to 8084.
BORUTA_GATEWAY_SIDECAR_HTTPS_SERVER enables the HTTPS sidecar gateway listener. Defaults to false.
BORUTA_GATEWAY_SIDECAR_HTTPS_PORT defines the HTTPS sidecar gateway port. Defaults to 8044.
BORUTA_GATEWAY_SIDECAR_HTTPS_VERIFY_CLIENT_CERTIFICATE requires and verifies client certificates on the HTTPS sidecar gateway listener. Defaults to false.
BORUTA_GATEWAY_PROXY_SERVER enables the HTTP forward proxy listener. Defaults to false in releases.
BORUTA_GATEWAY_PROXY_PORT defines the HTTP forward proxy port. Defaults to 5555.
BORUTA_GATEWAY_HTTPS_PROXY_SERVER enables the HTTPS forward proxy listener. Defaults to false in releases.
BORUTA_GATEWAY_HTTPS_PROXY_PORT defines the HTTPS forward proxy port. Defaults to 4444.
BORUTA_GATEWAY_ACCEPTORS defines the number of acceptor processes for gateway, sidecar, and proxy listeners. Defaults to 8.
BORUTA_GATEWAY_CONFIGURATION_PATH defines the path containing the gateway static configuration file. Defaults to config/example-configuration.yml in releases.
Static configuration variables
BORUTA_CONFIGURATION_PATH defines the path containing the boruta static configuration file.
DID service variables
DID_RESOLVER_BASE_URL defines the DID resolver API endpoint, according to the W3C DID resolution specification. Defaults to https://api.godiddy.com/1.0.0/universal-resolver.
DID_REGISTRAR_BASE_URL defines the DID registrar API endpoint, according to the DID registration specification. Defaults to https://api.godiddy.com/1.0.0/universal-registrar.
DID_SERVICES_API_KEY defines the API key granting access to DID resolver and registrar services.