Environment variables

#Environment variables ##Environment variables

ANALYTICS_BATCH_INTERVAL

Analytics batch interval

How long to wait before sending batched analytics events to Google Analytics if batch size has not been exceeded.

Default value:

10000

Example value:

ANALYTICS_BATCH_INTERVAL=10000

ANALYTICS_BATCH_SIZE

Analytics batch size

How many analytics events to batch before sending data to Google Analytics. Max 20.

Default value:

10

Example value:

ANALYTICS_BATCH_SIZE=8080

AWS_USE_EMPTY_CREDENTIALS

Use empty AWS credentials

Set to true to use empty credentials for AWS. Only set if you use AWS mocks that do not require credentials.

Example value:

AWS_USE_EMPTY_CREDENTIALS=false

CORS_ALLOWED_ADDITIONAL_HEADERS

CORS allowed additional headers

Any extra headers (other than Accept,Authorization,Content-Type,If-None-Match) used by the service that should be allowed when CORS in IMSG is activated.

Default value:

[]

Example value:

CORS_ALLOWED_ADDITIONAL_HEADERS=service-custom-header

CORS_ALLOWED_ORIGINS

CORS allowed origins

Origins that should be allowed by Access-Control-Allow-Origin. This will override the service's CORS configuration

Default value:

[]

Example value:

CORS_ALLOWED_ORIGINS="https://example.com, https://foo.bar"

CORS_ALLOW_ANY_HEADERS

CORS allow any headers

Allow any headers in CORS. This will reflect the value of access-control-request-headers into the response access-control-allow-headers. Use with care.

Example value:

CORS_ALLOW_ANY_HEADERS=true

ECS_CONTAINER_METADATA_FILE

Do not set manually. Filepath to the ECS container metadata file. Set automatically by ECS if ECS_ENABLE_CONTAINER_METADATA is set.

Example value:

ECS_CONTAINER_METADATA_FILE=/var/lib/ecs/data/metadata/*task_id*/*container_name*/ecs-container-metadata.json

ENABLE_API_DOCUMENTATION

Set to true to enable Swagger API documentation

Example value:

ENABLE_API_DOCUMENTATION=false

FIREHOSE_ACCESS_KEY

IAM user access key

The access key for the IAM user connected to the specific Firehose stream.

Example value:

FIREHOSE_ACCESS_KEY=UA-000000-2

FIREHOSE_AWS_REGION

AWS region

The aws region where the Firehose is install at

Example value:

FIREHOSE_AWS_REGION=UA-000000-2

FIREHOSE_HOST_PATH

Firehose host path

The host path to where the Firehose is installed. Mostly used in testing

Example value:

FIREHOSE_HOST_PATH=http://firehose.com

FIREHOSE_SECRET_KEY

IAM user secret key

The secret key for the IAM user connected to the specific Firehose stream.

Example value:

FIREHOSE_SECRET_KEY=UA-000000-2

FIREHOSE_STREAM_NAME

Firehose stream name

The chosen name of the Firehose Delivery stream to send data to.

Example value:

FIREHOSE_STREAM_NAME=imid-firehose

GRACE_PERIOD_TTL

State API grace period

How long to stay in grace once connection to the state API is lost. Defaults to 60 minutes.

Default value:

3600000

Example value:

GRACE_PERIOD_TTL=3600000

IMAS_URL

IMAS URL

URL to IMAS

Example value:

IMAS_URL=https://example.com

IMID_COOKIE_DOMAINS

IMID cookie domains

Domains to restrict the IMID cookies to. Usually infomaker.io

Default value:

[ 'infomaker.io' ]

Example value:

IMID_COOKIE_DOMAINS=example.com

IMID_COOKIE_PREFIX

IMID cookie prefix

Prefix to apply to IMID token cookie. Defaults to none.

Ex. if set to "dev", the cookie name will be "dev_imidToken"

In production this should always be unset.

Example value:

IMID_COOKIE_PREFIX=prod

IMID_COOKIE_SAME_SITE

IMID cookie SameSite

Sets the SameSite directive on the IMID token cookie. Defaults to Lax. If set to 'none', the SameSite` directive will not be set.

In production this should always be unset or set to lax`

Default value:

'Lax'

Example value:

IMID_COOKIE_SAME_SITE=Lax

IMID_COOKIE_SECURE

IMID cookie Secure

If the Secure flag should be set on the IMID token cookie. Defaults to true.

In production this should always be unset or set to true

Default value:

true

Example value:

IMID_COOKIE_SECURE=true

IM_LOG_LEVEL

Log level

Log level used by Bunyan. See Bunyan docs - Levels for details

Default value:

'debug'

Example value:

IM_LOG_LEVEL=debug

IM_LOG_NAME

Log name

Log name used by Bunyan. See Bunyan docs - Introduction for details

Default value:

'imsg'

Example value:

IM_LOG_NAME="My service"

INCLUDE_GROUPS_IN_SERVICE_TOKEN

Will perserve the groups claim from IMID token in the Service Token

Example value:

INCLUDE_GROUPS_IN_SERVICE_TOKEN=true

INCLUDE_IMID_TOKEN_IN_REQUEST

Include IMID token in request

If enabled, authenticated requests to the service will contain the IMID token in the x-imid-token header. Note: Always make sure this header is never exposed. Only enable if access to the IMID token is necessary.

Example value:

INCLUDE_IMID_TOKEN_IN_REQUEST=false

INTERNAL_SERVICE_URL

Internal service URL

URL where the service protected by IMSG can be reached

Example value:

INTERNAL_SERVICE_URL=https://example.com

LEGACY_MODE_ONLY_INCLUDE_UNITS_WITH_EXPLICITLY_MAPPED_PERMISSIONS_IN_SERVICE_TOKEN

Should only be set for legacy services not yet updated. If set, units without explicit permissions will not be included in the service token and org permissions for those units are ignored.

Example value:

LEGACY_MODE_ONLY_INCLUDE_UNITS_WITH_EXPLICITLY_MAPPED_PERMISSIONS_IN_SERVICE_TOKEN=true

ONLY_ACCEPT_ID_TOKENS

Only accept ID tokens

If enabled, only ID tokens will be accepted as valid tokens. Access tokens will be rejected with an invalid token type error.

Example value:

ONLY_ACCEPT_ID_TOKENS=false

PORT

HTTP port

Port to run the HTTP server on

Example value:

PORT=8080

REFRESH_BACKOFF_TIMEOUT

Modify refresh backoff timeout

Do not modify unless for tests. Changes the default backoff time when refresh fails with other than 403 error.

Default value:

30000

Example value:

REFRESH_BACKOFF_TIMEOUT=10000

SERVICE_ADMIN_INFOMAKER_GROUPS

Service admin Infomaker groups

Infomaker groups which should make subscribers service admininstrator for this service.

Default value:

[]

Example value:

SERVICE_ADMIN_INFOMAKER_GROUPS="Writer team, Dashboard team"

SERVICE_MAINTAINER

Service maintainer

Email or name used to identify who is responsible for the service.

Default value:

'No maintainer'

Example value:

[email protected]

SERVICE_NAME

Service name

Name of the service protected by IMSG

Default value:

'imsg'

Example value:

SERVICE_NAME=Writer

SERVICE_TOKEN_SIGN_SECRET

Service token secret

Shared secret between IMSG and the service protected by IMSG

Example value:

SERVICE_TOKEN_SIGN_SECRET=so-secret

STATE_API_READ_SECRET

Internal API secret

Secret used to access state API.

Example value:

STATE_API_READ_SECRET=so-secret

STATE_API_STARTUP_TIMEOUT

State API grace period

How long to wait for startup before timing out.

Example value:

STATE_API_STARTUP_TIMEOUT=10000

STATE_API_URL

AWS region

URL to state API.

Example value:

STATE_API_URL=https://example.com

TELEMETRY_API_URL

Telemetry API URL

URL to telemetry API

Example value:

TELEMETRY_API_URL=https://example.com