-
Notifications
You must be signed in to change notification settings - Fork 40
/
.env.example
282 lines (229 loc) · 14 KB
/
.env.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
# Default values are optimized for production to avoid having to configure
# much in production.
#
# However it should be easy to get going in development too. If you see an
# uncommented option that means it's either mandatory to set or it's being
# overwritten in development to make your life easier.
# Set this up to handle GitHub App configuration
# GITHUB_APP_ID=12345
# GITHUB_CERT=Base64-encoded-private-key
# Set this up to handle SalesForce OAuth credentials
# SALESFORCE_CLIENT_ID=3MVG9_ghE
# SALESFORCE_CLIENT_SECRET=703777B
# Set this up to handle Google OAuth credentials (ex: GoogleSheets)
# GOOGLE_CLIENT_ID=660274980707
# GOOGLE_CLIENT_SECRET=GOCSPX-ua
# Choose an admin email address and configure a mailer. If you don't specify
# mailer details the local test adaptor will be used and mail previews can be
# viewed at localhost:4000/dev/mailbox
# EMAIL_ADMIN='your@email.com'
# EMAIL_PROVIDER=local
# MAILGUN_API_KEY='some-key'
# MAILGUN_DOMAIN='some-domain'
# Require users to verify their email addresses
# REQUIRE_EMAIL_VERIFICATION=true
# You should generate a random string of 64+ characters for this value in prod.
# You can generate a secure secret by running: ./run secret
# SECRET_KEY_BASE=please_generate_a_more_secure_unique_secret_value_for_your_project
# Which environment is running? MIX_ENV should be "dev" or "prod" and NODE_ENV
# should be "production" or "development". When MIX_ENV is set to prod you'll
# automatically be set to build and run releases instead of using mix.
# MIX_ENV=prod
# NODE_ENV=production
# Override the default log level
# Must be a valid level, see: https://hexdocs.pm/logger/1.12.3/Logger.html#module-levels
# LOG_LEVEL=debug
# The URL that will be generated through out your app. When you combine all 3
# values it should be the URL that visitors access in their browser / client.
# URL_SCHEME=https
# URL_HOST=
# URL_PORT=443
# With browser HTTP clients, you can configure the origins from which you
# want to allow requests (comma separated).
# Example: CORS_ORIGINS=http://my.domain.com,https://my.other.domain.com
# CORS_ORIGINS=*
# If you're using a CDN you can customize which URL gets used for your static
# files. If left commented out it will fall back to using your URL_HOST.
# URL_STATIC_HOST=
# The address and bind port for the web server.
# (See: endpoint config in runtime.exs and Cowboy.)
# LISTEN_ADDRESS=127.0.0.1
# PORT=4000
# The time in seconds that needs to pass without data being provided before
# the Lightning web server kills the connection.
# IDLE_TIMEOUT=60
# The origins from which you want to allow requests (comma separated)
# ORIGINS=//localhost:*
# You can configure error reporting via Sentry by providing a DSN.
# SENTRY_DSN=https://some-url.ingest.sentry.io/some-id
# ==============================================================================
# <><><> JOB EXECUTION SETTINGS <><><>
# You can configure the max run duration for jobs and an additional grace period
# in seconds. Combined, these should be lower than the pod termination grace
# period if you are using Kubernetes.
# RUN_GRACE_PERIOD_SECONDS=10
# WORKER_MAX_RUN_DURATION_SECONDS=300
# TODO: these aren't specified in Runtime, do they belong to the worker process?
# WORKER_MAX_RUN_MEMORY_MB=500
# WORKER_CAPACITY=4
# MAX_DATACLIP_SIZE_MB=10
# WORKER_RUNS_PRIVATE_KEY="LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBeWJER3JEbFBWd05yWTA4czF3VkU5SktDSWhhditwT1ZXVSsyR2pSekFneEI5dW5CCjFrejdJQTh3SUIyZ1NseDhYWHlPZDA5QmhlMHBiRERxV2Q5YWV5OGZNb2tTMUVkcGFBT1k0YnRPYlIwbDFlM2wKazBQelBIc2lITWlFVWpTQm5yS2ZJZVJjd1VKK3NPaTQxVjYrTVV4V1FhSFBPTXRrWjRMNFdUOTVvV0paNG8wdQpQd0pXS0V0cmh3cHdoSldHeFl1Ym51TVhJdW1PTW5USFZ4cmlpdGRjODdyMDhuUTF3eDJjT3JkUkVBK25mWjVWCml6VHprUVFBTG1PNUI4V3IrS1ZYRW5HRUVHVTR2alRMYkQ5blAyclVXMXYvSFBTamgyZjlOaDlxd1RDQm04bGoKb1JBQ3BUTUhlS2VxYmpQOVgxM2V1bFp0a2hhK05kRndkeDdPZ1FJREFRQUJBb0lCQURrU2hkV2NUZ0F3WG9YMgpsSml2ekFodElOZm1sWnVSZ1pTSlF0MTlkQUhqV0JNM3FIc3N3MjhaL1NOSlh0OUw5b0U1eXRLbUljTjFEZUNvCm90Z1ZwUFB3cktKUE9YM0tTMkI4akJsc09GQVdER3ZSNnNIV1c1RUV3dTFrTEZWYXVFY2hBbmpEdHgrVTRtYkwKSStwMDZkcm5ZQTBvYll3RHVnQzBoZlF6U3diSVhaM3d6V25BVlRaZE4yTGFqRTA2UHRNSkxsSzZZZ3FyWmpObQpzeXpKSVgwRmg4WlFlOHZVMmF1U205UnIvTFhwMEN6TFpDYmxUT2RRcXlRdFQ3cHR5c2ZBUWZvZkkrMFNWcVZ2CkhqQUhaTU5ZZk9mSFJiMVBjVzFKdjZlSUJERFZiYXNCZVl5bWlQRStXVEpkOU1hbFNFSlI5NDFmaWFBQ1UwVEcKRlhLclQ4RUNnWUVBL0JaNEJvbkdONkVsQUd5akhldU42eXhka3JCUHJhUWh4am5ScEZxMGQzTjFISUdBS2pEVQpvQStEU0JzMG1NY2xRWm8yT1dHVTdZbzhwNkEzZVMyNTc2aVF6a1pndnNhS3hXcnFWTTBCRHdlOU5mdEYyVXQwCjhoczNZS1V2ek1yNEhiL1FTVFZkWldWZkR0YUdBY3kxTkFnVlRJcE9PK1FDTlk5V3p1cVVlT2tDZ1lFQXpOSVUKNm1HOGcxOUtqN1lJb3hmd1E1c3E1WGhWSk8zQ3MvVXpqSU5HKzNSRnZDWDRxd2VoTVdUY0NBVVFicnl5MGlJSApYdGpXR1B3clM5Z0JiZzdsS2VJdkdQYXRlZGhrZUNqMDJzVVp3SnZoUGowaHRXTnZWckRnb1doWG03M0xNUU1lCnRrOTdDejZta0J5RWw0VGcwMTVLL1JHK2hVLzl0aVhWRDBoUEtka0NnWUFqV0c4cDA0V0VaVWJQNFd1WmxWNkgKdStlKzJwUEJjQU1BVFRrVXgxY0liSnJlRFZaUUZCcXIrcURZcWwvY2tBZXNSQmdZUVpObEh2M1VMd1c0S3U0bwpLVVZzZHJlMzZCU3JDNHVocWtEY3Y2UUsvcGxUbDEzbFdHV1NXbmJ5U3Y4eEJLVUtycjNTcXIwQ1VwZmxock5kCmdVaWpPNzB1YnBEVXU2MWJRODdmaVFLQmdFQkhBYWRZaXNlVHBSdWFuZlZJOHU3VWlFN0JSNzh5R25OTlZTTVkKbzdNUUZ6NW5rRFZrVEpMcXV4Nk5NRTRBVEFJa0Nib2JSSDFNemUyY1dUNkgwQ1VueFc0SkpBSGtCZ3VybHNQOQpMUXJFSUpqZXFIQjdSeHFtb2FnbHpiQ2pqRnZTUmRZaTlWTmZFdmlRNm85K2RPd0FZSG94RW1CVjdTSTNsemlYCmtiaHBBb0dBYjBrVUVpanl0akZlUWJBRGYvRk92VlRVdmUxZW9PK3JuWmJ2V3NhVWhVSGRuMTdDUXc0Y1ZjK0UKbHQzWXhHVmMvNldIV3E3azB4YXBlVWJucEF4NjNIMTlNZTRjTmJFaXZSb2d4bzdHWERnRDIxbENGUHlCUmZKagpLN2g1VE1lQnRnZjhibGdrVzcxenkyWFdNWnBJRXVRT3ZCZjJqRVJuU0hYTDFrL2NObDQ9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg"
# WORKER_SECRET="dECXNlqctXJ/a+1FI4AaeLZY4Rp+Pxo23WwmJxC2xew="
# Start your app with RTM=false to manage your runtime manually. You might be
# doing this so that you can run `ws-worker` by hand on a local branch, rather
# than using the NPM installed version.
# RTM=false
# ------------------------------------------------------------------------------
# ==============================================================================
# <><><> DATABASE SETTINGS <><><>
# Disable SSL connections for Postgres
# In production mode, SSL connections are enforced by default - uncomment to
# disable this behaviour.
#DISABLE_DB_SSL=true
# You you're using Docker for postgres, set POSTGRES_USER and POSTGRES_PASSWORD
# since the postgres Docker image uses them for its default database user and
# password. The database URL will be composed from these variables:
# POSTGRES_USER=postgres
# POSTGRES_PASSWORD=password
# POSTGRES_HOST=localhost
# POSTGRES_PORT=5432
# POSTGRES_DB="lightning_dev"
# Alternatively, you can pass in a `DATABASE_URL` which will override any/all
# of the options passed in above.
# DATABASE_URL="postgresql://postgres:postgres@localhost:5432/lightning_dev"
# If you're not using docker, but running postgres locally and migrating/running
# using `env $(cat .env | grep -v "#" | xargs )` set the database url directly:
# DATABASE_URL=postgres://hello:password@localhost/lightning_dev
# ==============================================================================
# Generate secure keys, see ./DEPLOYMENT.md
# PRIMARY_ENCRYPTION_KEY=M1zzWU6Ego6jV/FUS7e/sj7yF9kRIutgR8uLQ9czrVc=
# Should Docker restart your containers if they go down in unexpected ways?
# See: https://docs.docker.com/config/containers/start-containers-automatically/#use-a-restart-policy
# DOCKER_RESTART_POLICY=unless-stopped
# What health check test command do you want to run? In development, having it
# curl your web server will result in a lot of log spam, so setting it to
# /bin/true is an easy way to make the health check do basically nothing.
# DOCKER_WEB_HEALTHCHECK_TEST=curl localhost:4000/health_check
# What ip:port should be published back to the Docker host for the app server?
# If you're using Docker Toolbox or a custom VM you can't use 127.0.0.1. This
# is being overwritten in dev to be compatible with more dev environments.
#
# If you have a port conflict because something else is using 4000 then you
# can either stop that process or change 4000 to be something else.
#
# Use the default in production to avoid having it directly accessible to
# the internet without assistance from a cloud based firewall.
# LIGHTNING_EXTERNAL_PORT=127.0.0.1:4000
# What volume path should be used? In dev we want to volume mount everything
# so we can develop our code without rebuilding our Docker images.
# Note that by mounting the whole project into the container, you will need to
# follow the Contributing steps in the README.
# LIGHTNING_VOLUME=.:/app
# What CPU and memory constraints will be added to your services? When left at
# 0, they will happily use as much as needed.
# DOCKER_POSTGRES_CPUS=0
# DOCKER_POSTGRES_MEMORY=0
# DOCKER_WEB_CPUS=0
# DOCKER_WEB_MEMORY=0
# Give this variable the value of true if you want the system to create a sample project for a new registered user
# INIT_PROJECT_FOR_NEW_USER=false
# Controls user access to the registration page.
# Set this variable to 'true' to allow users to access and use the registration page.
# Set it to 'false' to disable user registration and prevent access to the registration page.
# Default is 'false'.
# ALLOW_SIGNUP=false
# If not provided, PURGE_DELETED_AFTER_DAYS defaults to 7. Set to 0 to never purge deleted records.
# PURGE_DELETED_AFTER_DAYS=7
# To use https://plausible.io/ analytics, provide the SRC for your script and
# your data-domain below.
# PLAUSIBLE_SRC=https://plausible.io/js/script.js
# PLAUSIBLE_DATA_DOMAIN=openfn.org
# If you wish to enable PromEx-driven Prometheus/Grafana monitoring use the following:
# PROMEX_ENABLED=true
# PROMEX_GRAFANA_HOST=http://localhost:3000
# PROMEX_GRAFANA_USER=admin
# PROMEX_GRAFANA_PASSWORD=admin
# PROMEX_UPLOAD_GRAFANA_DASHBOARDS_ON_START=true
# PROMEX_DATASOURCE_ID=promex
# PROMEX_METRICS_ENDPOINT_AUTHORIZATION_REQUIRED=yes
# PROMEX_METRICS_ENDPOINT_TOKEN=foobar
# PROMEX_ENDPOINT_SCHEME=http
# The length of time a Run must remain in the `available` state before it is
# considered `stalled`.
# METRICS_STALLED_RUN_THRESHOLD_SECONDS=300
# The maximum age of a Run that will be considered when measuring Run performance.
# METRICS_RUN_PERFORMANCE_AGE_SECONDS=120
# The polling period for run queue metrics (defaults to 5 seconds).
# METRICS_RUN_QUEUE_METRICS_PERIOD_SECONDS=5
# To disable the reporting of anonymised metrics to the OpenFn Usage tracker, set
# USAGE_TRACKING_ENABLED to `false`.
# USAGE_TRACKING_ENABLED=false
# To submit cleartext UUIDs to the usage tracker (default: hashed_only),
# set USAGE_TRACKING_UUIDS=cleartext.
# USAGE_TRACKING_UUIDS=hashed_only
# By default, impact tracking metrics will be reported to
# https://impact.openfn.org. Use the below if you wish to change that.
# USAGE_TRACKER_HOST=https://impact.openfn.org
# Restrict the number of days that reports will be generated for with each run of
# `Lightning.UsageTracking.DayWorker. This will only have a noticeable effect in
# cases where there is a backlog (e.g when the Worker has not run for an extended
# period or where reports are being retroactively generated.
# USAGE_TRACKING_DAILY_BATCH_SIZE=10
# If an instance has been without internet access for an extended period, there
# may be reports that require resubmission. This variable restricts the number
# of reports resubmittd on each run.
# USAGE_TRACKING_RESUBMISSION_BATCH_SIZE=10
# Generating usage tracking reports can result in increased memory usage.
# Decreasing the run batch size shouls reduce the memory consumption.
# USAGE_TRACKING_RUN_CHUNK_SIZE=100
# OpenFn.org hosts a public sandbox that gets reset every night. If you'd like to
# make your instance "resettable" (a highly destructive action—this destroys all
# data in your instance) you can set the following environment variable to "yes"
# IS_RESETTABLE_DEMO=no
# Set to 'yes' to enable the *experimental* Kakfa Trigger functionality.
# KAFKA_TRIGGERS_ENABLED=no
#
# The number of messages per second that the Kafka consumer group will be allowed
# to forward. The lowest this value can be is 0.1 - this will be converted to
# 1 message every 10 seconds.
# KAFKA_NUMBER_OF_MESSAGES_PER_SECOND=1
#
# The number of Broadway processors that are downstream of the Kafka consumer.
# Increasing this number increases the concurrency with which messages are
# processed by the system, once received from the Kafka consumer.
# KAFKA_NUMBER_OF_PROCESSORS=1
#
# The number of consumers in the Kafka consumer group. Increasing this, increases
# the rate at which messages are consumed from the Kafka cluster.
# KAFKA_NUMBER_OF_CONSUMERS=1
#
# How long TriggerKafkaMessageRecord entries will be retained in the database.
# TriggerKafkaMessageRecord entries allow the Kafka pipeline to deduplicate
# incoming messages. Increasing this value increases deduplication coverage at
# the cost of increased database storage and eventually increased processing
# time.
# KAFKA_DUPLICATE_TRACKING_RETENTION_SECONDS=3600
#
# Under certain failure conditions, the Kafka pipeline will send an email
# notification. To prevent flooding the recipients, it will wait for a period
# before it sends the next email (assuming the failure condition persists).
# Changing this setting will affect the frequency of sending.
# KAFKA_NOTIFICATTION_EMBARGO_SECONDS=3600
#
# If the Kafka pipelines failed to persist a message, the message can be
# persisted as JSON to the local file system. To enable this, set
# KAFKA_ALTERNATE_STORAGE_ENABLED to 'yes'. Note if you choose to enable
# this you will also need to set KAFKA_ALTERNATE_STORAGE_FILE_PATH. For more
# details, please refer to the Kafka section of DEPLOYMENT.md.
# KAFKA_ALTERNATE_STORAGE_ENABLED=no
#
# The directory to which failed Kafka messages will be persisted if
# KAFKA_ALTERNATE_STORAGE_ENABLED is enabled. A per-workflow subdirectory
# will be created within this directory. The directory must exist when
# Lightning starts and it must be writable by the user that Lightning runs as.
# KAFKA_ALTERNATE_STORAGE_FILE_PATH=/path/to/alternate/storage
#
# This file to which the registry should be read from. In case the file doesnt
# exist, Lightning will attempt to fetch the file and write it to the same location.
# For this reason, you have to make sure that the directory exists and it is writable
# ADAPTORS_REGISTRY_JSON_PATH=/path/to/adaptor_registry_cache.json