feat(admin): add Configuration
parent
ce8f42eb79
commit
30aa708959
1 changed files with 85 additions and 0 deletions
85
Configuration.md
Normal file
85
Configuration.md
Normal file
|
@ -0,0 +1,85 @@
|
|||
# Configuration
|
||||
|
||||
TfStated is configured by setting environment variables.
|
||||
|
||||
## Mandatory environment variables
|
||||
|
||||
Two environment variables are required before TfStated can be started
|
||||
successfully.
|
||||
|
||||
### TFSTATED_DATA_ENCRYPTION_KEY
|
||||
|
||||
The `TFSTATED_DATA_ENCRYPTION_KEY` environment variable must contain the global
|
||||
encryption key used to encrypt sensitive information in the database. It must be
|
||||
a 32 bytes AES key encoded using Base64.
|
||||
|
||||
You can generate such a key using OpenSSL:
|
||||
|
||||
``` shell
|
||||
openssl rand -base64 32
|
||||
```
|
||||
|
||||
Do not lose this key or you will lose access to all the OpenTofu/Terraform
|
||||
states stored in TfStated!
|
||||
|
||||
### TFSTATED_SESSIONS_SALT
|
||||
|
||||
The `TFSTATED_DATA_SESSIONS_SALT` environment variable must contain the global
|
||||
salt used to hash the session identifiers in the database. It must be a 32 bytes
|
||||
AES key encoded using Base64.
|
||||
|
||||
You can generate such a key using OpenSSL:
|
||||
|
||||
``` shell
|
||||
openssl rand -base64 32
|
||||
```
|
||||
|
||||
Losing this key means invalidating all the webui sessions: users will just need
|
||||
to refresh their page and log in again.
|
||||
|
||||
## Optional environment variables
|
||||
|
||||
Most environment variables are completely optional and are provided sane
|
||||
defaults.
|
||||
|
||||
### TFSTATED_DEBUG
|
||||
|
||||
Setting the `TFSTATED_DEBUG` to any non empty value activates debug logs. Debug
|
||||
logs are very verbose and include the source file and line number of each log
|
||||
function call. This variable is only useful for development purposes and is
|
||||
empty by default.
|
||||
|
||||
### TFSTATED_HOST
|
||||
|
||||
The `TFSTATED_HOST` environment variable controls on which address the `backend`
|
||||
service listens on. Defaults to `127.0.0.1`.
|
||||
|
||||
### TFSTATED_PORT
|
||||
|
||||
The `TFSTATED_PORT` environment variable controls on which TCP port the
|
||||
`backend` service listens on. Defaults to `8080`.
|
||||
|
||||
### TFSTATED_VERSIONS_HISTORY_LIMIT
|
||||
|
||||
The `TFSTATED_VERSIONS_HISTORY_LIMIT` environment variable controls the minimum
|
||||
number of versions that need to be kept for each state file. Defaults to `128`.
|
||||
|
||||
### TFSTATED_VERSIONS_HISTORY_MINIMUM_DAYS
|
||||
|
||||
The `TFSTATED_VERSIONS_HISTORY_MINIMUM_DAYS` environment variable controls the
|
||||
minimum number of days for which to keep any state version. The way the
|
||||
retention feature is implemented means that state versions that are more recent
|
||||
than this number of days are not counted towards the
|
||||
`TFSTATED_VERSIONS_HISTORY_LIMIT`.
|
||||
|
||||
Defaults to `28`.
|
||||
|
||||
### TFSTATED_WEBUI_HOST
|
||||
|
||||
The `TFSTATED_WEBUI_HOST` environment variable controls on which address the
|
||||
`webui` service listens on. Defaults to `127.0.0.1`.
|
||||
|
||||
### TFSTATED_WEBUI_PORT
|
||||
|
||||
The `TFSTATED_WEBUI_PORT` environment variable controls on which TCP port the
|
||||
`webui` service listens on. Defaults to `8081`.
|
Loading…
Add table
Add a link
Reference in a new issue