Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
comanage-match/docs/comanage-match-common-environment-variables.md
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
135 lines (102 sloc)
4.51 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!-- | |
COmanage Docker documentation | |
Portions licensed to the University Corporation for Advanced Internet | |
Development, Inc. ("UCAID") under one or more contributor license agreements. | |
See the NOTICE file distributed with this work for additional information | |
regarding copyright ownership. | |
UCAID licenses this file to you under the Apache License, Version 2.0 | |
(the "License"); you may not use this file except in compliance with the | |
License. You may obtain a copy of the License at: | |
http://www.apache.org/licenses/LICENSE-2.0 | |
Unless required by applicable law or agreed to in writing, software | |
distributed under the License is distributed on an "AS IS" BASIS, | |
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
See the License for the specific language governing permissions and | |
limitations under the License. | |
--> | |
# Environment Variables Common to All Images | |
The environment variables detailed below apply to all COmanage | |
Match images in this repository. | |
## Using Files to Inject Secrets | |
The COmanage Match images support the convention of an associated | |
environment variable ending with ```_FILE``` to indicate a path | |
relative to the container from which the value for an environment | |
variable should be read. | |
For example if the environment variable ```COMANAGE_MATCH_DATABASE_USER_PASSWORD_FILE``` | |
exists and its value is the path to a readable file, then the contents of the | |
file will be read into the environment variable ```COMANAGE_MATCH_DATABASE_USER_PASSWORD```. | |
If both an environment variable and the associated ```_FILE``` environment variable | |
are defined the associated ```_FILE``` environment variable takes precedence, | |
provided that the file it points to exists and is readable. | |
## Environment Variables | |
```COMANAGE_MATCH_ADMIN_USERNAME``` | |
* Description: Username name for first platform administrator | |
* Required: yes | |
* Default: match.admin | |
* Example: julia.janseen@my.org | |
* Note: \[[1](#note01)\] | |
```COMANAGE_MATCH_DATASOURCE``` | |
* Description: database type | |
* Required: yes | |
* Default: Database/Postgres | |
* Example: Database/Postgres | |
* Note: \[[2](#note02)\] | |
```COMANAGE_MATCH_DATABASE``` | |
* Description: database name | |
* Required: yes | |
* Default: match | |
* Example: comanage_match | |
* Note: \[[2](#note02)\] | |
```COMANAGE_MATCH_DATABASE_HOST``` | |
* Description: database server host | |
* Required: yes | |
* Default: comanage-match-database | |
* Example: database-server.my.org | |
* Note: \[[2](#note02)\] | |
```COMANAGE_MATCH_DATABASE_USER``` | |
* Description: database username | |
* Required: yes | |
* Default: match_user | |
* Example: comanage-user | |
* Note: \[[2](#note02)\] | |
```COMANAGE_MATCH_DATABASE_USER_PASSWORD``` | |
* Description: database user password | |
* Required: yes | |
* Default: password | |
* Example: O5Yhtt6TLOxNjo93fmB9 | |
* Note: \[[2](#note02)\] | |
```COMANAGE_MATCH_SECURITY_SALT``` | |
* Description: Security salt used when hashing. Must be 40 or more characters from the set [0-9a-zA-Z]. | |
* Required: no | |
* Default: automatically generated if not provided | |
* Example: VuUq2mnXC0Cco8uKcjO1rDdP2lVC3lgP970QP2XY | |
* Note: If present the environment variable is read the first time the container is | |
started and written to the persistent volume (or bind mount) in the | |
configuration file ```security.salt```. Later changes to the environment | |
variable are *not* reflected in the file which must be | |
edited directly. | |
```COMANAGE_MATCH_VIRTUAL_HOST_FQDN``` | |
* Description: Apache HTTP Server virtual host name | |
* Required: no | |
* Default: Obtained from inspecting HTTPS x509 certificate file if present, otherwise "unknown" | |
* Example: match.my.org | |
```HTTPS_CERT_FILE``` | |
* Description: path to file containing x509 certificate for HTTPS | |
* Required: no | |
* Default: automatically generated self-signed certificate | |
* Example: /run/secrets/https_cert_file | |
* Note: The path is relative to the running container. | |
```HTTPS_PRIVKEY_FILE``` | |
* Description: path to file containing x509 private key for HTTPS | |
* Required: no | |
* Default: automatically generated private key | |
* Example: /run/secrets/https_privkey_file | |
* Note: The path is relative to the running container. | |
\[<a name="note01">1</a>\]: The environment variable is read the first time the container is | |
started and saved to the COmanage Match database. Later changes to the environment | |
variable are *not* reflected in the database state. | |
\[<a name="note02">2</a>\]: The environment variable is read the first time the container is | |
started and written to the persistent volume (or bind mount) in the | |
configuration file ```database.php```. Later changes to the environment | |
variable are *not* reflected in the configuration file which must be | |
edited directly. |