Environment Variables
Environment variables for the web service
| Name | Introduction Version | Type | Description | Default Value |
|---|---|---|---|---|
OC_TRACING_ENABLEDWEB_TRACING_ENABLED | 1.0.0 | bool | Activates tracing. | false |
OC_TRACING_TYPEWEB_TRACING_TYPE | 1.0.0 | string | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. | |
OC_TRACING_ENDPOINTWEB_TRACING_ENDPOINT | 1.0.0 | string | The endpoint of the tracing agent. | |
OC_TRACING_COLLECTORWEB_TRACING_COLLECTOR | 1.0.0 | string | The HTTP endpoint for sending spans directly to a collector, i.e. \http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. | |
OC_LOG_LEVELWEB_LOG_LEVEL | 1.0.0 | string | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'. | |
OC_LOG_PRETTYWEB_LOG_PRETTY | 1.0.0 | bool | Activates pretty log output. | false |
OC_LOG_COLORWEB_LOG_COLOR | 1.0.0 | bool | Activates colorized log output. | false |
OC_LOG_FILEWEB_LOG_FILE | 1.0.0 | string | The path to the log file. Activates logging to this file if set. | |
WEB_DEBUG_ADDR | 1.0.0 | string | Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. | 127.0.0.1:9104 |
WEB_DEBUG_TOKEN | 1.0.0 | string | Token to secure the metrics endpoint. | |
WEB_DEBUG_PPROF | 1.0.0 | bool | Enables pprof, which can be used for profiling. | false |
WEB_DEBUG_ZPAGES | 1.0.0 | bool | Enables zpages, which can be used for collecting and viewing in-memory traces. | false |
WEB_HTTP_ADDR | 1.0.0 | string | The bind address of the HTTP service. | 127.0.0.1:9100 |
OC_HTTP_TLS_ENABLED | 1.0.0 | bool | Activates TLS for the http based services using the server certifcate and key configured via OC_HTTP_TLS_CERTIFICATE and OC_HTTP_TLS_KEY. If OC_HTTP_TLS_CERTIFICATE is not set a temporary server certificate is generated - to be used with PROXY_INSECURE_BACKEND=true. | false |
OC_HTTP_TLS_CERTIFICATE | 1.0.0 | string | Path/File name of the TLS server certificate (in PEM format) for the http services. | |
OC_HTTP_TLS_KEY | 1.0.0 | string | Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the http services. | |
WEB_HTTP_ROOT | 1.0.0 | string | Subdirectory that serves as the root for this HTTP service. | / |
WEB_CACHE_TTL | 1.0.0 | int | Cache policy in seconds for OpenCloud Web assets. | 604800 |
OC_CORS_ALLOW_ORIGINSWEB_CORS_ALLOW_ORIGINS | 1.0.0 | []string | A list of allowed CORS origins. See following chapter for more details: Access-Control-Allow-Origin at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details. | [https://localhost:9200] |
OC_CORS_ALLOW_METHODSWEB_CORS_ALLOW_METHODS | 1.0.0 | []string | A list of allowed CORS methods. See following chapter for more details: Access-Control-Request-Method at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details. | [OPTIONS HEAD GET PUT PATCH POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY REPORT SEARCH] |
OC_CORS_ALLOW_HEADERSWEB_CORS_ALLOW_HEADERS | 1.0.0 | []string | A list of allowed CORS headers. See following chapter for more details: Access-Control-Request-Headers at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details. | [Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires Upload-Checksum Upload-Offset X-HTTP-Method-Override] |
OC_CORS_ALLOW_CREDENTIALSWEB_CORS_ALLOW_CREDENTIALS | 1.0.0 | bool | Allow credentials for CORS. See following chapter for more details: Access-Control-Allow-Credentials at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials. | false |
WEB_ASSET_CORE_PATH | 1.0.0 | string | Serve OpenCloud Web assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/core | /home/chaser/.opencloud/web/assets/core |
OC_ASSET_THEMES_PATHWEB_ASSET_THEMES_PATH | 1.0.0 | string | Serve OpenCloud themes from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/themes | /home/chaser/.opencloud/web/assets/themes |
WEB_ASSET_APPS_PATH | 1.0.0 | string | Serve OpenCloud Web apps assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/apps | /home/chaser/.opencloud/web/assets/apps |
WEB_UI_CONFIG_FILE | 1.0.0 | string | Read the OpenCloud Web json based configuration from this path/file. The config file takes precedence over WEB_OPTION_xxx environment variables. See the text description for more details. | |
OC_URLWEB_UI_THEME_SERVER | 1.0.0 | string | Base URL to load themes from. Will be prepended to the theme path. | https://localhost:9200 |
WEB_UI_THEME_PATH | 1.0.0 | string | Path to the theme json file. Will be appended to the URL of the theme server. | /themes/opencloud/theme.json |
OC_URLWEB_UI_CONFIG_SERVER | 1.0.0 | string | URL, where the OpenCloud APIs are reachable for OpenCloud Web. | https://localhost:9200 |
WEB_OIDC_METADATA_URL | 1.0.0 | string | URL for the OIDC well-known configuration endpoint. Defaults to the OpenCloud API URL + '/.well-known/openid-configuration'. | https://localhost:9200/.well-known/openid-configuration |
OC_URLOC_OIDC_ISSUERWEB_OIDC_AUTHORITY | 1.0.0 | string | URL of the OIDC issuer. It defaults to URL of the builtin IDP. | https://localhost:9200 |
OC_OIDC_CLIENT_IDWEB_OIDC_CLIENT_ID | 1.0.0 | string | The OIDC client ID which OpenCloud Web uses. This client needs to be set up in your IDP. Note that this setting has no effect when using the builtin IDP. | web |
WEB_OIDC_RESPONSE_TYPE | 1.0.0 | string | The OIDC response type to use for authentication. | code |
WEB_OIDC_SCOPE | 1.0.0 | string | OIDC scopes to request during authentication to authorize access to user details. Defaults to 'openid profile email'. Values are separated by blank. More example values but not limited to are 'address' or 'phone' etc. | openid profile email |
WEB_OIDC_POST_LOGOUT_REDIRECT_URI | 1.0.0 | string | This value needs to point to a valid and reachable web page. The web client will trigger a redirect to that page directly after the logout action. The default value is empty and redirects to the login page. | |
WEB_OPTION_OPEN_APPS_IN_TAB | 1.0.0 | bool | Configures whether apps and extensions should generally open in a new tab. Defaults to false. | false |
WEB_OPTION_DISABLE_FEEDBACK_LINK | 1.0.0 | bool | Set this option to 'true' to disable the feedback link in the top bar. Keeping it enabled by setting the value to 'false' or with the absence of the option, allows OpenCloud to get feedback from your user base through a dedicated survey website. | false |
WEB_OPTION_RUNNING_ON_EOS | 1.0.0 | bool | Set this option to 'true' if running on an EOS storage backend (\https://eos-web.web.cern.ch/eos-web/) to enable its specific features. Defaults to 'false'. | false |
WEB_OPTION_CONTEXTHELPERS_READ_MORE | 1.0.0 | bool | Specifies whether the 'Read more' link should be displayed or not. | true |
WEB_OPTION_LOGOUT_URL | 1.0.0 | string | Adds a link to the user's profile page to point him to an external page, where he can manage his session and devices. This is helpful when an external IdP is used. This option is disabled by default. | |
WEB_OPTION_LOGIN_URL | 1.0.0 | string | Specifies the target URL to the login page. This is helpful when an external IdP is used. This option is disabled by default. Example URL like: \https://www.myidp.com/login. | |
WEB_OPTION_TOKEN_STORAGE_LOCAL | 1.0.0 | bool | Specifies whether the access token will be stored in the local storage when set to 'true' or in the session storage when set to 'false'. If stored in the local storage, login state will be persisted across multiple browser tabs, means no additional logins are required. | true |
WEB_OPTION_DISABLED_EXTENSIONS | 1.0.0 | []string | A list to disable specific Web extensions identified by their ID. The ID can e.g. be taken from the 'index.ts' file of the web extension. Example: 'com.github.opencloud-eu.web.files.search,com.github.opencloud-eu.web.files.print'. See the Environment Variable Types description for more details. | [] |
WEB_OPTION_EMBED_ENABLED | 1.0.0 | string | Defines whether Web should be running in 'embed' mode. Setting this to 'true' will enable a stripped down version of Web with reduced functionality used to integrate Web into other applications like via iFrame. Setting it to 'false' or not setting it (default) will run Web as usual with all functionality enabled. See the text description for more details. | |
WEB_OPTION_EMBED_TARGET | 1.0.0 | string | Defines how Web is being integrated when running in 'embed' mode. Currently, the only supported options are '' (empty) and 'location'. With '' which is the default, Web will run regular as defined via the 'embed.enabled' config option. With 'location', Web will run embedded as location picker. Resource selection will be disabled and the selected resources array always includes the current folder as the only item. See the text description for more details. | |
WEB_OPTION_EMBED_MESSAGES_ORIGIN | 1.0.0 | string | Defines a URL under which Web can be integrated via iFrame in 'embed' mode. Note that setting this is mandatory when running Web in 'embed' mode. Use '*' as value to allow running the iFrame under any URL, although this is not recommended for security reasons. See the text description for more details. | |
WEB_OPTION_EMBED_DELEGATE_AUTHENTICATION | 1.0.0 | bool | Defines whether Web should require authentication to be done by the parent application when running in 'embed' mode. If set to 'true' Web will not try to authenticate the user on its own but will require an access token coming from the parent application. Defaults to being unset. | false |
WEB_OPTION_EMBED_DELEGATE_AUTHENTICATION_ORIGIN | 1.0.0 | string | Defines the host to validate the message event origin against when running Web in 'embed' mode with delegated authentication. Defaults to event message origin validation being omitted, which is only recommended for development setups. | |
WEB_OPTION_USER_LIST_REQUIRES_FILTER | 1.0.0 | bool | Defines whether one or more filters must be set in order to list users in the Web admin settings. Set this option to 'true' if running in an environment with a lot of users and listing all users could slow down performance. Defaults to 'false'. | false |
WEB_OPTION_CONCURRENT_REQUESTS_RESOURCE_BATCH_ACTIONS | 1.0.0 | int | Defines the maximum number of concurrent requests per file/folder/space batch action. Defaults to 4. | 0 |
WEB_OPTION_CONCURRENT_REQUESTS_SSE | 1.0.0 | int | Defines the maximum number of concurrent requests in SSE event handlers. Defaults to 4. | 0 |
WEB_OPTION_CONCURRENT_REQUESTS_SHARES_CREATE | 1.0.0 | int | Defines the maximum number of concurrent requests per sharing invite batch. Defaults to 4. | 0 |
WEB_OPTION_CONCURRENT_REQUESTS_SHARES_LIST | 1.0.0 | int | Defines the maximum number of concurrent requests when loading individual share information inside listings. Defaults to 2. | 0 |
OC_JWT_SECRETWEB_JWT_SECRET | 1.0.0 | string | The secret to mint and validate jwt tokens. | |
WEB_GATEWAY_GRPC_ADDR | 1.0.0 | string | The bind address of the GRPC service. | eu.opencloud.api.gateway |