Config
Goiabada uses environment variables and/or executable flags to configure its behavior.
If both an environment variable and a flag are set, the flag takes precedence.
GOIABADA_AUTHSERVER_BASEURL
and GOIABADA_ADMINCONSOLE_BASEURL
Flag: --authserver-baseurl
and --adminconsole-baseurl
Default: http://localhost:9090 (auth server) and http://localhost:9091 (admin console)
Description: The base URL of the application. This is used for external access into the application.
GOIABADA_AUTHSERVER_INTERNALBASEURL
and GOIABADA_ADMINCONSOLE_INTERNALBASEURL
Flag: --authserver-internalbaseurl
and --adminconsole-internalbaseurl
Default: (empty string)
Description: The internal base URL of the application. This is used for internal communication (for instance, when the adminconsole
needs to call the token
endpoint on the authserver
)
GOIABADA_AUTHSERVER_LISTEN_HOST_HTTPS
and GOIABADA_ADMINCONSOLE_LISTEN_HOST_HTTPS
Flag: --authserver-listen-host-https
and --adminconsole-listen-host-https
Default: 0.0.0.0 (all network interfaces)
Description: The host to listen on for HTTPS access.
GOIABADA_AUTHSERVER_LISTEN_PORT_HTTPS
and GOIABADA_ADMINCONSOLE_LISTEN_PORT_HTTPS
Flag: --authserver-listen-port-https
and --adminconsole-listen-port-https
Default: 9443 (auth server) and 9444 (admin console)
Description: The port to listen on for HTTPS access.
GOIABADA_AUTHSERVER_LISTEN_HOST_HTTP
and GOIABADA_ADMINCONSOLE_LISTEN_HOST_HTTP
Flag: --authserver-listen-host-http
and --adminconsole-listen-host-http
Default: 0.0.0.0 (all network interfaces)
Description: The host to listen on for HTTP access.
GOIABADA_AUTHSERVER_LISTEN_PORT_HTTP
and GOIABADA_ADMINCONSOLE_LISTEN_PORT_HTTP
Flag: --authserver-listen-port-http
and --adminconsole-listen-port-http
Default: 9090 (auth server) and 9091 (admin console)
Description: The port to listen on for HTTP access.
GOIABADA_AUTHSERVER_TRUST_PROXY_HEADERS
and GOIABADA_ADMINCONSOLE_TRUST_PROXY_HEADERS
Flag: --authserver-trust-proxy-headers
and --adminconsole-trust-proxy-headers
Default: false
Description: If you're using a reverse proxy, you should trust the headers sent by it. The True-Client-IP
, X-Real-IP
or the X-Forwarded-For
header will be used to get the client's IP address. If you're not using a reverse proxy, you should set those variables to false
.
GOIABADA_AUTHSERVER_SET_COOKIE_SECURE
and GOIABADA_ADMINCONSOLE_SET_COOKIE_SECURE
Flag: --authserver-set-cookie-secure
and --adminconsole-set-cookie-secure
Default: false
Description: This should always be set to true
in production, when using HTTPS. The only scenario where they should be false
is when testing locally with HTTP only.
GOIABADA_AUTHSERVER_LOG_HTTP_REQUESTS
and GOIABADA_ADMINCONSOLE_LOG_HTTP_REQUESTS
Flag: --authserver-log-http-requests
and --adminconsole-log-http-requests
Default: false
Description: If true
, log the HTTP requests to console.
GOIABADA_AUTHSERVER_CERTFILE
and GOIABADA_ADMINCONSOLE_CERTFILE
Flag: --authserver-certfile
and --adminconsole-certfile
Default: (empty string)
Description: Certificate file for HTTPS. If empty, TLS will not be enabled.
GOIABADA_AUTHSERVER_KEYFILE
and GOIABADA_ADMINCONSOLE_KEYFILE
Flag: --authserver-keyfile
and --adminconsole-keyfile
Default: (empty string)
Description: key file for HTTPS. If empty, TLS will not be enabled.
GOIABADA_AUTHSERVER_LOG_SQL
and GOIABADA_ADMINCONSOLE_LOG_SQL
Flag: --authserver-log-sql
and --adminconsole-log-sql
Default: false
Description: If true
, log all SQL statements to console.
GOIABADA_AUTHSERVER_AUDIT_LOGS_IN_CONSOLE
and GOIABADA_ADMINCONSOLE_AUDIT_LOGS_IN_CONSOLE
Flag: --authserver-audit-logs-in-console
and --adminconsole-audit-logs-in-console
Default: false
Description: If true
, log audit messages to console.
GOIABADA_AUTHSERVER_STATICDIR
and GOIABADA_ADMINCONSOLE_STATICDIR
Flag: --authserver-staticdir
and --adminconsole-staticdir
Default: (empty string)
Description: The directory where the static files are located. If empty, it uses the static files embedded into the binary. This config is useful when you want to make modifications to the static files and serve them from the filesystem (perhaps via a docker volume, when running in a container).
GOIABADA_AUTHSERVER_TEMPLATEDIR
and GOIABADA_ADMINCONSOLE_TEMPLATEDIR
Flag: --authserver-templatedir
and --adminconsole-templatedir
Default: (empty string)
Description: The directory where the HTML templates are located. If empty, it uses the HTML templates embedded into the binary. This config is useful when you want to make modifications to the templates and serve them from the filesystem (perhaps via a docker volume, when running in a container).
GOIABADA_DB_TYPE
Flag: --db-type
Default: sqlite
Description: Currently mysql
, postgres
, mssql
, sqlite
are supported.
GOIABADA_DB_USERNAME
Flag: --db-username
Default: root
Description: DB user's name.
GOIABADA_DB_PASSWORD
Flag: --db-password
Default: (empty string)
Description: DB user's password.
GOIABADA_DB_HOST
Flag: --db-host
Default: localhost
Description: DB server hostname.
GOIABADA_DB_PORT
Flag: --db-port
Default: 3306
Description: DB server TCP port.
GOIABADA_DB_NAME
Flag: --db-name
Default: goiabada
Description: Database (schema) name.
GOIABADA_DB_DSN
Flag: --db-dsn
Default: file::memory:?cache=shared
Description: DSN of the database. Only applicable when db type is sqlite
. When using a file, don't forget to add ?_pragma=busy_timeout=5000&_pragma=journal_mode=WAL
.
Example: file:/home/john/goiabada.db?_pragma=busy_timeout=5000&_pragma=journal_mode=WAL
GOIABADA_ADMIN_EMAIL
Flag: --admin-email
Default: admin
Description: The email address of the admin user (the first user created). This is only relevant when the application is started for the first time.
GOIABADA_ADMIN_PASSWORD
Flag: --admin-password
Default: changeme
Description: The password of the admin user (the first user created). This is only relevant when the application is started for the first time.
GOIABADA_APPNAME
Flag: --appname
Default: Goiabada
Description: The name of the application. This is used in the UI and is only relevant when the application is started for the first time (it can be changed in the adminconsole
later).