4.3.3.1 Environment secrets and variables explained
Last updated
Last updated
| Variable | Description |
|---|---|
| Parameter | Description |
|---|---|
DOCKER_USERNAME
Your Dockerhub username to access the container registry. If you are using a different container registry, you will need to manually edit the deploy.yml appropriately.
DOCKER_TOKEN
Your Dockerhub access token.
DOCKERHUB_ACCOUNT
The name of your Dockerhub account or organisation that forms the URL to your country config docker image on Dockerhub before the slash. e.g: opencrvs
DOCKERHUB_REPO
The name of your Dockerhub repository that forms the URL to your country config docker image on Dockerhub after the slash.. e.g. ocrvs-farajaland
SUPER_USER_PASSWORD
This is an OpenCRVS superuser National System Admnistrator password used when seeding the databases in deployed environments.
ELASTICSEARCH_SUPERUSER_PASSWORD
The Elasticsearch superuser password. You can also use this to login to Kibana with the username "elastic" and you have superuser Elastic privileges. Kibana URL: https://kibana.<your_domain>
KIBANA_USERNAME
A username for a regular Kibana user to login and monitor OpenCRVS stack health. Useful for developers as this user will have no superuser privileges.
KIBANA_PASSWORD
A password for a regular Kibana user to login and monitor OpenCRVS stack health
MONGODB_ADMIN_USER
The MongoDB superuser admin username. A powerful account that has all rights to OpenCRVS data
MONGODB_ADMIN_PASSWORD
The MongoDB superuser admin password.
MINIO_ROOT_USER
A username for a Minio superuser admin to login to the Minio console to view supporting document attachments submitted during registrations. https://minio-console.<your_domain>
MINIO_ROOT_PASSWORD
A password for a Minio superuser admin
SMTP_HOST
SMTP_PORT
SMTP_USERNAME
SMTP_PASSWORD
SMTP_SECURE
Whether or not your SMTP port requires TLS
ALERT_EMAIL
Email address or Slack channel address to send system technical alerts to.
SENDER_EMAIL_ADDRESS
The sender email address that appears in all emails will need to be configured.
SSH_KEY
This is a copy of the id_rsa file for the SSH Key, not the id_rsa.pub!
SSH_USER
Equal to "provision"
SSH_HOST
IP address for the server
REPLICAS
The number of replicas: 1, 2, 3 or 5 depending on how many servers are in the environment cluster
DOMAIN
The host domain name (without www!) for your environment.
CONTENT_SECURITY_POLICY_WILDCARD
This string is supplied to the clients and nginx config and ensures that the format of your domain above can be configurable for CORS purposes.
ACTIVATE_USERS
When users are seeded, are they immediately active using a test password and six zeros as a 2-Factor auth code. Always false in production and staging.
AUTH_HOST, CLIENT_APP_URL, COUNTRY_CONFIG_HOST, GATEWAY_HOST, LOGIN_URL
URLs passed to docker-compose to support internal microservice comms.
DISK_SPACE
The amount of disk space set aside for encrypted PII data stored by OpenCRVS
NOTIFICATION_TRANSPORT
A prop which can be used to configure either Email or SMS for staff and beneficiary comms or potentially both.
SSH_ARGS
Arguments that are passed to the SSH command to access the server, such as when using a bastion or jump.
VPN_HOST_ADDRESS
IP address for the VPN server
VPN_ADMIN_PASSWORD
Password for the optional, built-in Wireguard VPN Admin interface at https://vpn.<your domain>
SENTRY_DSN
OpenCRVS can report application errors to Sentry in order to help you debug any issues in production.
INFOBIP_API_KEY
If you are using SMS for communications, then you will likely require an API key. We use this secret for the Infobip API. Its likely you will have your own custom requirements depending on your chosen provider.
INFOBIP_SENDER_ID
If you are using SMS for communications, then the sender id that appears in all SMS messages will need to be configured. Its likely you will have your own custom requirements depending on your chosen provider.
INFOBIP_GATEWAY_ENDPOINT
We use this prop to store the endpoint URL for the Infobip API. Its likely you will have your own custom requirements depending on your chosen provider.