-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathenv.template
More file actions
59 lines (53 loc) · 2.32 KB
/
env.template
File metadata and controls
59 lines (53 loc) · 2.32 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# This is the .env file used to setup Rocketgraph xGT and Mission Control. See
# https://github.com/Rocketgraphai/rocketgraph/blob/main/README.md for
# details about what the different environment variables do.
COMPOSE_PROJECT_NAME=rocketgraph
# Mission Control Configuration
#MC_FRONTEND_IMAGE=docker.io/rocketgraph/mission-control-frontend:latest
#MC_BACKEND_IMAGE=docker.io/rocketgraph/mission-control-backend:latest
#MC_PORT=80
#MC_SSL_PORT=443
#MC_DEFAULT_XGT_HOST=localhost
#MC_DEFAULT_XGT_PORT=4367
#MC_IBM_IACCESS_PATH=/opt/ibm/iaccess/
#MC_ODBC_LIBRARY_PATH=/opt/ibm/iaccess/lib64/
#MC_ODBC_PATH=/usr/local/lib/odbc
#MC_MONGODB_IMAGE=docker.io/library/mongo:latest
#MC_MONGO_URI=mongodb://localhost:27017
#MC_SESSION_TTL=3600
#MC_SITE_CONFIG_YML=/path/to/site_config.yml
#MC_SITE_CONFIG_PY=/path/to/site_config.py
# SSL/TLS Configuration (Volume Mapped)
#MC_SSL_PUBLIC_CERT=/path/to/certs/td-cert.pem
#MC_SSL_PRIVATE_KEY=/path/to/certs/td-private-key.pem
#MC_SSL_CERT_CHAIN=/path/to/certs/cert-chain.pem
#MC_SSL_PROXY_PUBLIC_CERT=/path/to/certs/proxy-cert.pem
#MC_SSL_PROXY_PRIVATE_KEY=/path/to/certs/proxy-key.pem
# OIDC Authentication Configuration
#XGT_AUTH_TYPES="['OidcAuth']"
#MC_OIDC_ISSUER=https://idp.example.com/realms/xgt
#MC_OIDC_CLIENT_ID=xgtd-client
#MC_OIDC_CLIENT_SECRET=
#MC_OIDC_SCOPES=openid profile email
#MC_OIDC_FRONTEND_URL=https://mc.example.com
#MC_OIDC_REDIRECT_URI=https://mc.example.com/api/login/oidc/callback
#MC_OIDC_TLS_VERIFY=true
#MC_OIDC_CA_CERT=/path/to/ca-bundle.pem
# Security Allowlists (optional; * wildcards supported)
# MC_XGT_ALLOWED_HOSTS — recommended when xGT host is user-supplied (prevents SSRF)
#MC_XGT_ALLOWED_HOSTS=xgt:4367,xgt2:4367
#MC_XGT_ALLOWED_HOSTS=xgt-*.xgt.myns.svc.cluster.local:4367
# MC_OIDC_ALLOWED_ORIGINS — optional defense-in-depth; restricts which frontend
# origins may initiate OIDC login (not required to prevent token theft)
#MC_OIDC_ALLOWED_ORIGINS=https://mc.example.com,http://localhost:8081
#MC_OIDC_ALLOWED_ORIGINS=https://*.apps.cluster.example.com
# xGT Server Configuration
#XGT_IMAGE=docker.io/rocketgraph/xgt:latest
#XGT_PORT=4367
#XGT_LICENSE_FILE=/path/to/license/xgt-license.lic
#XGT_CONF_PATH=/path/to/conf
#XGT_DATA_PATH=/path/to/data
#XGT_LOG_PATH=/path/to/log
XGT_AUTH_TYPES="[]"
#XGT_SSL_SERVER_CERT=/path/to/certs/xgt-chain.pem
#XGT_SERVER_CN=xgt.example.com