Environmental variables
Luka Murn edited this page Oct 2, 2019
·
18 revisions
SciNote reads configuration parameters from system environment parameters. On production servers, this can simply be system environmental variables, while for development, a file config/application.yml can be created to specify those variables.
Below is an example application.yml file, which should get the server running; for full reference, check the dedicated section below to see all available variables.
# Secrets
SECRET_KEY_BASE: "<<secret_key_base>>"
PAPERCLIP_HASH_SECRET: "<<paperclip_hash_secret>>"
# File storage
# For local file storage
PAPERCLIP_STORAGE: "filesystem"
# For S3 file storage
#PAPERCLIP_STORAGE: "s3"
#AWS_ACCESS_KEY_ID: ""
#AWS_REGION: ""
#AWS_SECRET_ACCESS_KEY: ""
#S3_BUCKET: ""
#S3_HOST_NAME: ""
# Mailer settings
MAIL_FROM: "Example SciNote Assistant <assistant@yourdomain.com>"
MAIL_REPLYTO: "Example SciNote Assistant <assistant@yourdomain.com>"
SMTP_ADDRESS: "your.yoursmtp.com"
SMTP_PORT: "25"
SMTP_DOMAIN: "yoursmtp.com"
SMTP_USERNAME: "user@yoursmtp.com"
SMTP_PASSWORD: "<<smtp_password>>"
SMTP_AUTH_METHOD: "plain"
MAIL_SERVER_URL: "scinote.yourdomain.com"
# Sign-up process
NEW_TEAM_ON_SIGNUP: "true"
ENABLE_EMAIL_CONFIRMATIONS: "false"
ENABLE_USER_REGISTRATION: "true"The following section describes all available environmental variables for SciNote server.
| Variable | Mandatory | Description |
|---|---|---|
| SECRET_KEY_BASE | Yes | Random hash for Rails encryption. Can be generated by running rails secret. |
| PAPERCLIP_HASH_SECRET | Yes | Random key for generating Paperclip hash key for URLs. Can be generated by running rails secret. |
| DATABASE_URL | No* | Production database connection string. Mandatory in production environment. |
| DATABASE_DEV_URL | No | Development database connection string. Contains username, password, host and database. If not present default from database.yml will be used. |
| DATABASE_TEST_URL | No | Test database connection string. Contains username, password, host and database. If not present default from database.yml will be used. |
| Variable | Mandatory | Description |
|---|---|---|
| PAPERCLIP_STORAGE | Yes | Set to 's3' to store files on Amazon S3, or 'filesystem' to store files on local server. If storing on S3, additional parameters need to be specified. |
| AWS_SECRET_ACCESS_KEY | No* | If storing files on Amazon S3, this must contain access key for accessing AWS S3 API. |
| AWS_ACCESS_KEY_ID | No* | If storing files on Amazon S3, this must contain access key ID for AWS S3. |
| S3_BUCKET | No* | If storing files on Amazon S3, this must contain S3 bucket on which files are stored. |
| S3_HOST_NAME | No* | If storing files on Amazon S3, this must contain the S3 service host name. |
| AWS_REGION | No* | If storing files on Amazon S3, this must contain the AWS region. |
| Variable | Mandatory | Description |
|---|---|---|
| MAIL_FROM | Yes | The from address for emails sent from SciNote. |
| MAIL_REPLYTO | Yes | The reply to address for emails sent from SciNote. |
| SMTP_ADDRESS | Yes | The server address of the SMTP mailer used for delivering emails generated in SciNote. |
| SMTP_PORT | Yes | The port of the SMTP server. Defaults to 587. |
| SMTP_DOMAIN | Yes | The server domain of the SMTP mailer used for delivering emails generated in SciNote. |
| SMTP_USERNAME | Yes | The username for SMTP mailer used for delivering emails generated in SciNote. |
| SMTP_PASSWORD | Yes | The password for SMTP mailer used for delivering emails generated in SciNote. |
| SMTP_AUTH_METHOD | no | SMTP auth method to use, 'plain' is default value. MS Exchange might need 'login' auth method. |
| MAIL_SERVER_URL | Yes | The root URL address of the actual SciNote server. This is used in sent emails to redirect user to the correct SciNote server URL. Defaults to localhost. |
If Office365 is used as an SMTP provider (one of specific packages needs to be used, not all Office365 accounts support this feature), the following configuration need to be used for SMTP settings:
# MAIL_FROM and MAIL_REPLYTO must be same as SMTP_USERNAME!
# If using environmental file (e.g. production.env file for production environment),
# MAIL_FROM and MAIL_REPLYTO must be specified without quotation marks,
# e.g. : MAIL_FROM=your_microsoft_username@domain.com
MAIL_FROM: "<<your_microsoft_username@domain.com>>"
MAIL_REPLYTO: "<<your_microsoft_username@domain.com>>"
SMTP_ADDRESS: "smtp.office365.com"
SMTP_PORT: "587"
SMTP_USERNAME: "<<your_microsoft_username@domain.com>>"
SMTP_PASSWORD: "<<your_microsoft_password>>"
SMTP_AUTH_METHOD: "login"| Variable | Mandatory | Description |
|---|---|---|
| ENABLE_USER_REGISTRATION | No | Whether to publicly enable users to register/sign-up (otherwise, existing members need to invite them). Defaults to true. |
| NEW_TEAM_ON_SIGNUP | No | Enables the creation of new team for any new user on sign up. If set false no team will be created on sign up. Defaults to true. |
| ENABLE_EMAIL_CONFIRMATIONS | No | Whether to require users to confirm the following actions: signing-up, signing-up after being invited, and changing their e-mail. Defaults to true on development and production environments, and to false on test environment. |
| Initial admin user | ||
| ADMIN_NAME | No | If using seeding (rails db:seed), the initial admin user's username. Defaults to 'Admin'. |
| ADMIN_EMAIL | No | If using seeding (rails db:seed), the initial admin user's email. Defaults to 'admin@scinote.net'. |
| ADMIN_PASSWORD | No | If using seeding (rails db:seed), the initial admin user's password. Defaults to 'inHisHouseAtRlyehDeadCthulhuWaitsDreaming'. |
| reCaptcha | ||
| ENABLE_RECAPTCHA | No | Whether to enable Google reCaptcha on sign-up and confirm invitation pages. Defaults to false. |
| RECAPTCHA_SITE_KEY | No* | If using reCaptcha, this is the site key (see reCaptcha docs). |
| RECAPTCHA_SECRET_KEY | No* | If using reCaptcha, this is the secret key (see reCaptcha docs). |
| LinkedIn sign-in | ||
| LINKEDIN_SIGNIN_ENABLED | No | Set to true if integrating with LinkedIn for OAuth sign in/sign up. Defaults to 'false'. |
| LINKEDIN_KEY | No | If integrating with LinkedIn for Oauth sign in/sign up, the shared key. |
| LINKEDIN_SECRET | No | If integrating with LinkedIn for Oauth sign in/sign up, the shared secret. |
| Variable | Mandatory | Description |
|---|---|---|
| WOPI_ENABLED | No | Whether to enable Office Online integration. Defaults to false. |
| WOPI_TEST_ENABLED | No* | If using WOPI, whether to enable testing of WOPI integration by opening .wopitest files. Defaults to false. |
| WOPI_DISCOVERY_URL | No* | If using WOPI, this is the discovery URL provided by Microsoft. |
| WOPI_ENDPOINT_URL | No* | If using WOPI, this is the endpoint URL on which the WOPI API will be available. |
| USER_SUBDOMAIN | No* | If using WOPI, the only subdomain that will be allowed to access all non-WOPI routes. |
| WOPI_SUBDOMAIN | No* | If using WOPI, the WOPI subdomain. |
| WOPI_USER_HOST | No* | If using WOPI, the user host URL/domain. |
| WOPI_BUSINESS_USERS | No | If using WOPI, whether the users are business users or not. Defaults to false. |
| Variable | Mandatory | Description |
|---|---|---|
| DELAYED_WORKER_DESTROY_FAILED_JOBS | No | If you want to keep failed jobs, set DELAYED_WORKER_DESTROY_FAILED_JOBS to false. The failed jobs will be marked with non-null failed_at. Default to false |
| DELAYED_WORKER_SLEEP_DELAY | No | If no jobs are found, the worker sleeps for the amount of time specified by the sleep delay option. Default to 60 seconds. |
| DELAYED_WORKER_MAX_ATTEMPTS | No | The default is 6 attempts. After this, the job either deleted or left in the database with "failed_at" set depends on the DESTROY_FAILED_JOBS value |
| DELAYED_WORKER_MAX_RUN_TIME | No | The default DELAYED_WORKER_MAX_RUN_TIME is 30.minutes. If your job takes longer than that, another computer could pick it up. It's up to you to make sure your job doesn't exceed this time. You should set this for the longest time you think the job could take. |
| DELAYED_WORKER_READ_AHEAD | No | The defaults behavior is to read 10 jobs from the queue when finding an available job. You can configure this by setting. |
| DELAYED_WORKER_DEFAULT_QUEUE_NAME | No | Set the default queue name |
| Variable | Mandatory | Description |
|---|---|---|
| CORE_API_V1_ENABLED | No | Whether to enable V1 API or not. Defaults to false. |
| CORE_API_RATE_LIMIT | No | How many requests per minute are allowed on API, before middleware throttles them. Defaults to 1000. |
| CORE_API_SIGN_ALG | No | Signatures algorithm for API token exchange. Defaults to HS256. |
| CORE_API_TOKEN_TTL | No | Time to live of API tokens. Defaults to 30.minutes. |
| CORE_API_TOKEN_ISS | No | Issuer for API token exchange. Defaults to 'SciNote'. |
| Variable | Mandatory | Description |
|---|---|---|
| REPOSITORIES_LIMIT | No | The maximum number of Inventories allowed per team. Defaults to 5. |
| EXPORT_ALL_LIMIT_24_HOURS | No | The maximum number of project exports allowed per user per day. Defaults to 3. 0 value means infinite exports per day, while e.g. -1 can be used to disable the feature. |
| TRUSTED_IP | No | If using better errors gem in development mode, this should be set to local IP (e.g. '172.17.0.1'). |
| NEW_RELIC_LICENSE_KEY | No | New Relic code metrics license key, in case you want to log code metrics with New Relic service. |
| NO_TIKA_SERVER | No | Prevents Apache Tika text extractor from running as a daemon |
| SYSTEM_NOTIFICATIONS_URI | No | The URI endpoint of the service to retrieve system notifications from. |
| SYSTEM_NOTIFICATIONS_CHANNEL | No | The channel from which to retrieve system notifications. |