Customizing Fluent Manager application
This documentation describes all the environment variables with which you can customize your Fluent Manager instance. In order to perform customizations, you should first create an environment configuration file, and then make the necessary changes to the environment variables before running the deploy command. If you deploy your application using Kubernetes, you can customize environment variables when running the install command or in the config.yaml file.
List of env variables:
Security properties
| Env name | Description | Default Value | Value Example |
|---|
| FLUENT_MANAGER_JWT_PRIVATE_KEY | JWT private key that will be used for token encryption | | wplkd54WJOSNjIksJ/aPje345SNGS/1ldsafDsF43S4OPw= |
| FLUENT_MANAGER_ACCESS_TOKEN_TIME_TO_LIVE | Time in seconds for how long an access token will be valid | 86400 | 129600 |
| FLUENT_MANAGER_REFRESH_TOKEN_TIME_TO_LIVE | Time in seconds for how long a refresh token will be valid | 1209600 | 1728000 |
| FLUENT_MANAGER_RESET_PASSWORD_TOKEN_TIME_TO_LIVE | Time in seconds for how long a password reset token will be valid. This token is used when creating a user, resetting a password by administrators, and when recovering a password using forgot password | 86400 | 1728000 |
| FLUENT_MANAGER_MAXIMUM_FAILED_LOGIN_ATTEMPTS | The number of possible failed login attempts before the user account is locked out for 30 minutes. Administrators can manually unlock a user to reduce the wait time for another login attempt | 5 | 10 |
| FLUENT_MANAGER_COOKIES_TIME_TO_LIVE | The time in seconds that the cookie will remain active if the remember me option is selected for the Designer session. Also controls session lifetime for SSO | 2592000 | 3002000 |
CORS properties
| Env name | Description | Default Value | Value Example |
|---|
| FLUENT_MANAGER_CORS_ALLOWED_PATHS | Comma separated allowed paths for CORS validation | /** | - /api/**, /public/images/*
- /user, /public/**
|
| FLUENT_MANAGER_CORS_ALLOWED_ORIGINS | Comma separated allowed origins for CORS validation | * | |
| FLUENT_MANAGER_CORS_ALLOWED_METHODS | Comma separated allowed methods for CORS validation | * | |
Fluent Database properties
| Env name | Description | Value Example |
|---|
| FLUENT_MANAGER_DATABASE_URL | URL connection for a PostgreSQL database. The final connection string will be in the format jdbc:postgresql://${FLUENT_MANAGER_DATABASE_URL}/${FLUENT_MANAGER_DATABASE_NAME} | - localhost:5432
- 30.30.10.30:1433
|
| FLUENT_MANAGER_DATABASE_NAME | Database name that will be used by Fluent Manager | testdb |
| FLUENT_MANAGER_DATABASE_USERNAME | Username to connect to the database | postgres |
| FLUENT_MANAGER_DATABASE_PASSWORD | Password to connect to the database | Pa$$W0rd_str |
Email sending properties
These properties can be used to set up a connection to an SMTP mail server. With proper SMTP configuration, Manager will be able to send emails to new users with login credentials, as well as to existing users to reset a password.
| Env name | Description | Default value | Value Example |
|---|
| FLUENT_MANAGER_MAILING_ENABLE | Defines if SMTP mail sending will be enabled | false | true |
| FLUENT_MANAGER_SMTP_HOST | Host address of SMTP provider | smtp.gmail.com | smtp.example.com |
| FLUENT_MANAGER_SMTP_PORT | SMTP provider port | 587 | 584 |
| FLUENT_MANAGER_SMTP_USERNAME | Username for SMTP provider account | admin@email.com | user@example.com |
| FLUENT_MANAGER_SMTP_PASSWORD | Password for SMTP provider account | \$\$uper\$\$ecret | Pa$$W0rd_str |
| FLUENT_MANAGER_SMTP_AUTH | Defines whether authentication is required by the SMTP server | true | true |
| FLUENT_MANAGER_SMTP_TLS_ENABLE | Enables or disables starttls extension for secure SMTP server | true | true |
| FLUENT_MANAGER_SMTP_FROM | Email address that will be used as default "From address" for email messages | admin@email.com | sample@example.com |
Sentry properties
| Env name | Description | Value Example |
|---|
| FLUENT_MANAGER_SENTRY_DSN | Sentry monitoring system SDK with client key configuration (DNS) | https://public@sentry.example.com/1 |
| FLUENT_MANAGER_SENTRY_ENVIRONMENT | Property that indicates the current environment, if this is required | production |
Fluent admin properties
| Env name | Description | Default value | Value Example |
|---|
| FLUENT_MANAGER_RESET_SYSTEM_ADMINISTRATOR_CREDENTIALS | If set to "true", reset the Global Administrator password back to the FLUENT_MANAGER_DEFAULT_ADMIN_PASSWORD property each time the application is restarted. If this user is deleted, it will be restored | false | false |
| FLUENT_MANAGER_DEFAULT_ADMIN_EMAIL | Global Administrator email | | admin@email.com |
| FLUENT_MANAGER_DEFAULT_ADMIN_PASSWORD | Global Administrator password | | Pa$$W0rd_str |
License option
| Env name | Description | Default value | Value Example |
|---|
| FLUENT_MANAGER_LICENSE_SUBSCRIPTION_ENABLE | When enabled, license subscription information will be checked and monitored. Otherwise, license subscription will be omitted | true | true |
Db container properties
| Env name | Description | Value Example |
|---|
| POSTGRES_USER | Database user | postgres |
| POSTGRES_PASSWORD | Database password | Pa$$W0rd_str |
| POSTGRES_DB | Database name | fluent |
Vault properties
Vault functionality is under development. We do not recommend enabling the FLUENT_MANAGER_VAULT_ENABLE variable.
| Env name | Description | Default Value | Value Example |
|---|
| FLUENT_MANAGER_VAULT_ENABLE | By default, connection strings are stored encrypted in the database. An alternative is to store connection strings in Vault. If this variable is true, then Vault will be used as storage for connection strings | false | true |
| FLUENT_MANAGER_VAULT_SECRET_ENGINE_PATH | The mount path for Secret Engine | fluent-manager | secret/myapp |
| FLUENT_MANAGER_VAULT_TOKEN | Vault authentication token | static-token-value | s.DZB9zI1zXOEFnvBkGLFnwDXY |
| FLUENT_MANAGER_VAULT_URI | URI for Vault. Must contain hostname, port and scheme | http://host.docker.internal:8200 | http://localhost:8200 |
Other properties
| Env name | Description | Value Example |
|---|
| FLUENT_MANAGER_KEYSET_HANDLE | By default, Manager stores connection strings in the database in encrypted form. This variable stores the encryption key for connection strings. The encryption key is unique for each Fluent Manager instance and is generated once when creating the .env file. Do not change this value without reason. If the encryption key is lost, the connection strings values stored in the database cannot be decrypted | ZZBTpmZdpj3YokOCgPqvpYB5IXreMYJPzPtaslBsrPqveVATdUqr1TKT1SJQckEYdkEYXjtCthEoBlEIsPqvpCLsVZfQ9EE0UJn== |
| FLUENT_MANAGER_SDK_TYPE | Type of the RESTful Engine that you want to connect | fluent |
| SPRING_PROFILES_ACTIVE | Comma separated list of profiles that will be used for a Spring boot launch | prod, fluent |
| PUBLIC_URL | Sub-path on which the application will be launched. Defaults to '/' | manager |
| FLUENT_MANAGER_MAX_UPLOADED_FILE_SIZE_MB | Set a limit on the number of megabytes for the stream accepted by the client. This limit can be used to limit the size of files that Manager can pull, for example when analyzing imports tags. A value of -1 removes any limit | 16 |