Config
Goiabada uses environment variables and/or executable flags to configure its behavior.
If both an environment variable and a flag are set, the flag takes precedence.
GOIABADA_AUTHSERVER_BASEURL and GOIABADA_ADMINCONSOLE_BASEURL
Flag: --authserver-baseurl and --adminconsole-baseurl
Default: http://localhost:9090 (auth server) and http://localhost:9091 (admin console)
Description: The base URL of the application. This is used for external access into the application.
GOIABADA_AUTHSERVER_INTERNALBASEURL and GOIABADA_ADMINCONSOLE_INTERNALBASEURL
Flag: --authserver-internalbaseurl and --adminconsole-internalbaseurl
Default: (empty string)
Description: The internal base URL of the application. This is used for internal communication (for instance, when the adminconsole needs to call the token endpoint on the authserver)
GOIABADA_AUTHSERVER_LISTEN_HOST_HTTPS and GOIABADA_ADMINCONSOLE_LISTEN_HOST_HTTPS
Flag: --authserver-listen-host-https and --adminconsole-listen-host-https
Default: 0.0.0.0 (all network interfaces)
Description: The host to listen on for HTTPS access.
GOIABADA_AUTHSERVER_LISTEN_PORT_HTTPS and GOIABADA_ADMINCONSOLE_LISTEN_PORT_HTTPS
Flag: --authserver-listen-port-https and --adminconsole-listen-port-https
Default: 9443 (auth server) and 9444 (admin console)
Description: The port to listen on for HTTPS access.
GOIABADA_AUTHSERVER_LISTEN_HOST_HTTP and GOIABADA_ADMINCONSOLE_LISTEN_HOST_HTTP
Flag: --authserver-listen-host-http and --adminconsole-listen-host-http
Default: 0.0.0.0 (all network interfaces)
Description: The host to listen on for HTTP access.
GOIABADA_AUTHSERVER_LISTEN_PORT_HTTP and GOIABADA_ADMINCONSOLE_LISTEN_PORT_HTTP
Flag: --authserver-listen-port-http and --adminconsole-listen-port-http
Default: 9090 (auth server) and 9091 (admin console)
Description: The port to listen on for HTTP access.
GOIABADA_AUTHSERVER_TRUST_PROXY_HEADERS and GOIABADA_ADMINCONSOLE_TRUST_PROXY_HEADERS
Flag: --authserver-trust-proxy-headers and --adminconsole-trust-proxy-headers
Default: false
Description: If you're using a reverse proxy, you should trust the headers sent by it. The True-Client-IP, X-Real-IP or the X-Forwarded-For header will be used to get the client's IP address. If you're not using a reverse proxy, you should set those variables to false.
GOIABADA_AUTHSERVER_SET_COOKIE_SECURE and GOIABADA_ADMINCONSOLE_SET_COOKIE_SECURE
Flag: --authserver-set-cookie-secure and --adminconsole-set-cookie-secure
Default: false
Description: This should always be set to true in production, when using HTTPS. The only scenario where they should be false is when testing locally with HTTP only.
GOIABADA_AUTHSERVER_LOG_HTTP_REQUESTS and GOIABADA_ADMINCONSOLE_LOG_HTTP_REQUESTS
Flag: --authserver-log-http-requests and --adminconsole-log-http-requests
Default: false
Description: If true, log the HTTP requests to console.
GOIABADA_AUTHSERVER_CERTFILE and GOIABADA_ADMINCONSOLE_CERTFILE
Flag: --authserver-certfile and --adminconsole-certfile
Default: (empty string)
Description: Certificate file for HTTPS. If empty, TLS will not be enabled.
GOIABADA_AUTHSERVER_KEYFILE and GOIABADA_ADMINCONSOLE_KEYFILE
Flag: --authserver-keyfile and --adminconsole-keyfile
Default: (empty string)
Description: key file for HTTPS. If empty, TLS will not be enabled.
GOIABADA_AUTHSERVER_LOG_SQL and GOIABADA_ADMINCONSOLE_LOG_SQL
Flag: --authserver-log-sql and --adminconsole-log-sql
Default: false
Description: If true, log all SQL statements to console.
GOIABADA_AUTHSERVER_AUDIT_LOGS_IN_CONSOLE and GOIABADA_ADMINCONSOLE_AUDIT_LOGS_IN_CONSOLE
Flag: --authserver-audit-logs-in-console and --adminconsole-audit-logs-in-console
Default: false
Description: If true, log audit messages to console.
GOIABADA_AUTHSERVER_STATICDIR and GOIABADA_ADMINCONSOLE_STATICDIR
Flag: --authserver-staticdir and --adminconsole-staticdir
Default: (empty string)
Description: The directory where the static files are located. If empty, it uses the static files embedded into the binary. This config is useful when you want to make modifications to the static files and serve them from the filesystem (perhaps via a docker volume, when running in a container).
GOIABADA_AUTHSERVER_TEMPLATEDIR and GOIABADA_ADMINCONSOLE_TEMPLATEDIR
Flag: --authserver-templatedir and --adminconsole-templatedir
Default: (empty string)
Description: The directory where the HTML templates are located. If empty, it uses the HTML templates embedded into the binary. This config is useful when you want to make modifications to the templates and serve them from the filesystem (perhaps via a docker volume, when running in a container).
GOIABADA_DB_TYPE
Flag: --db-type
Default: sqlite
Description: Currently mysql and sqlite are supported.
GOIABADA_DB_USERNAME
Flag: --db-username
Default: root
Description: DB user's name.
GOIABADA_DB_PASSWORD
Flag: --db-password
Default: (empty string)
Description: DB user's password.
GOIABADA_DB_HOST
Flag: --db-host
Default: localhost
Description: DB server hostname.
GOIABADA_DB_PORT
Flag: --db-port
Default: 3306
Description: DB server TCP port.
GOIABADA_DB_NAME
Flag: --db-name
Default: goiabada
Description: Database (schema) name.
GOIABADA_DB_DSN
Flag: --db-dsn
Default: file::memory:?cache=shared
Description: DSN of the database. Only applicable when db type is sqlite. When using a file, don't forget to add ?_pragma=busy_timeout=5000&_pragma=journal_mode=WAL.
Example: file:/home/john/goiabada.db?_pragma=busy_timeout=5000&_pragma=journal_mode=WAL
GOIABADA_ADMIN_EMAIL
Flag: --admin-email
Default: admin
Description: The email address of the admin user (the first user created). This is only relevant when the application is started for the first time.
GOIABADA_ADMIN_PASSWORD
Flag: --admin-password
Default: changeme
Description: The password of the admin user (the first user created). This is only relevant when the application is started for the first time.
GOIABADA_APPNAME
Flag: --appname
Default: Goiabada
Description: The name of the application. This is used in the UI and is only relevant when the application is started for the first time (it can be changed in the adminconsole later).