Environment Variables
Docker settings
| Name | Default | Description | Dev/Test Only? |
|---|---|---|---|
| IN_DOCKER | true | Whether or not to deploy in a Docker environment | |
| DOCKER_VOLUMES_PATH_PREFIX | ./volumes/ | Common path prefix for all subvolume bind mounts to facilitate backup create and restoration. Note: This path needs to start with either "./" or "/" and needs to end with a "slash". This is to allow for setting this to an empty string or not defining the variable at all if Docker's standard volume directory should be used. |
Solr settings
| Name | Default | Description | Dev/Test Only? |
|---|---|---|---|
| SOLR_URL_SCHEME | http | Solr URL scheme (either http or https) |
|
| SOLR_HOST | solr | Host for the Solr server | |
| SOLR_PORT | 8983 | Port for the Solr server | |
| SOLR_CORE | hyrax_production | Name of the Solr core | |
| SOLR_TEST_PORT | 8983 | Port for the test Solr server | yes |
| SOLR_TEST_CORE | hyrax_test | Name of the Solr test core | yes |
Database settings
| Name | Default Value | Description | Dev or Test Only? |
|---|---|---|---|
| POSTGRES_HOST_APP | appdb | Host for the main application Postgres DB server | |
| POSTGRES_HOST_FCREPO | fcrepodb | Host for the Fedora Postgres DB server | |
| POSTGRES_PORT | 5432 | Port for the Postgres DB server | |
| POSTGRES_USER | postgres | User for the Postgres DB | |
| POSTGRES_PASSWORD | password | Password for the Postgres DB | |
| POSTGRES_DB_APP | hyrax_production | Database name for the main application Postgres DB | |
| POSTGRES_DB_TEST | hyrax_test | Database name for the test application Postgres DB | yes |
| POSTGRES_DB_FCREPO | fcrepo | Database name for the Fedora Postgres DB |
Redis settings
| Name | Default Value | Description | Dev or Test Only? |
|---|---|---|---|
| REDIS_HOST | redis | Host for the Redis server | |
| REDIS_PORT | 6379 | Port for the Redis server |
Fedora settings
| Name | Default Value | Description | Dev or Test Only? |
|---|---|---|---|
| FEDORA_URL_SCHEME | http | Fedora URL scheme (either http or https) |
|
| FEDORA_HOST | fcrepo | Host for the Fedora server | |
| FEDORA_PORT | 8080 | Port for the Fedora server | |
| FCREPO_PATH | /rest | URL path for the Fedora API | |
| FCREPO_VERSION | 4.7.5 | Fedora version | |
| FCREPO_DEVELOPMENT_PORT | 8080 | Port for the Fedora development server | yes |
| FEDORA_TEST_PORT | 8080 | Port for the Fedora test server | yes |
Rails settings
| Name | Default Value | Description | Dev or Test Only? |
|---|---|---|---|
| LANG | C.UTF-8 | ||
| PORT | 3000 | Port for the application (Rails) server | |
| RAILS_ENV | production | Rails environment (one of development or production) |
|
| RAILS_LOG_TO_STDOUT | true | Flag to direct Rails logging messages to console | |
| RAILS_SERVE_STATIC_FILES | true | Flag to serve static files from Rails process | |
| RAILS_MAX_THREADS | 5 | Maximum number of threads to allow Rails to use | |
| SECRET_KEY_BASE_PRODUCTION | The secret key should be a very long random key. You can use $ bundle exec rails secret to generate one. |
||
| DEVISE_SECRET_KEY | The secret key should be a very long random key. You can use $ bundle exec rails secret to generate one. |
||
| RAILS_FORCE_SSL | false | Flag to force Rails to use SSL |
Matomo settings
| Name | Default Value | Description | Dev or Test Only? |
|---|---|---|---|
| HYRAX_ANALYTICS | true | Flag to enable Hyrax analytics | |
| HYRAX_ANALYTICS_PROVIDER | matomo | Hyrax supports Google Analytics and Matomo. ReSeeD is configured to use Matomo | |
| ANALYTICS_START_DATE | 2022-02-18 | Date from which analytics are gathered | |
| MATOMO_SITE_ID | Identifies ReSeed to the Matomo service | ||
| MATOMO_BASE_URL | Base URL for the Matomo service | ||
| MATOMO_BASE_URL_SUFFIX | index.php | URL suffix for the Matomo service | |
| MATOMO_AUTH_TOKEN | Token used to authenticate ReSeed to the Matomo API |
Hyrax settings
| Name | Default Value | Description | Dev or Test Only? |
|---|---|---|---|
| HOST_APP_DATA_PATH | /data/ | Local path for mounted data directory (used by importer) | |
| DERIVATIVES_PATH | /shared/derivatives/ | Local path for derivatives | |
| FITS_PATH | /fits/fits-1.5.5/fits.sh | Path to FITS executable (used by Docker build and therefore fixed in resulting Docker image) |
|
| FITS_VERSION | 1.5.5 | FITS version (used by Docker build and therefore fixed in resulting Docker image) |
|
| UPLOADS_PATH | /shared/uploads/ | Local path uploaded files (used by Docker build and therefore fixed in resulting Docker image) |
|
| CACHE_PATH | /shared/cache/ | Path for cache (used by Docker build and therefore fixed in resulting Docker image) |
|
| BRAND_PATH | /data/public/branding | Path for logos etc. | |
| DEFAULT_DATE_FORMAT | %Y-%m-%d | Default data format | |
| NOTIFICATIONS_EMAIL_DEFAULT_FROM_ADDRESS | no-reply@mailboxer.com | Default email address used for from field in emailed notifications |
|
| USER_MANAGEMENT_EMAIL_FROM_ADDRESS | repo-admin@example.org | Email address used for from field in emailed notifications relating to user-management |
|
| CONTACT_FORM_SUBJECT_PREFIX | Hyrax Contact form: | Prefix used in subject field for contact form |
|
| CONTACT_EMAIL | Email address to which to send emailed contact form submissions | ||
| FROM_EMAIL | Email address used for from field in emailed contact form submissions |
||
| SMTP_HOST | Host for SMTP server used to send notifications | ||
| SMTP_PORT | Port for SMTP server used to send notifications | ||
| SMTP_PASS | Password for SMTP server used to send notifications | ||
| GEONAMES | |||
| IIIF_SEARCH_ENDPOINT | |||
| CONFIG_IIIF_IMAGE_ENDPOINT | |||
| IIIF_TO_SERVE_SSL_URLS | false | If the rails server is configured to serve requests in https, set this to true | |
| CRC_FOLDER_IMPORT_PATH | /mnt/rdms_data/RUB/testData | Local path for mounted data directory (used by importer for CRC1280 test data) (used by Docker build and therefore fixed in resulting Docker image) |
yes |
| USE_BROWSE_EVERYTHING | false | Flag to enable Browse Everything | |
| GOOGLE_DRIVE_CLIENT_ID | (for Browse Everything) | ||
| GOOGLE_DRIVE_CLIENT_SECRET | (for Browse Everything) | ||
| BOX_CLIENT_ID | (for Browse Everything) | ||
| BOX_CLIENT_SECRET | (for Browse Everything) | ||
| APP_HOST | localhost:3000 | Host used for generating URLs | |
| APPLICATION_URL | http://localhost:3000 | Should not have trailing slash |
S3 settings
| Name | Default Value | Description | Dev or Test Only? |
|---|---|---|---|
| USE_S3 | false | Flag to enable use of S3 (necessary for ReSeeD) | |
| S3_ENDPOINT | https://s3.location.example.com | S3 service base URL | |
| S3_ACCESS_KEY | S3 service access key | ||
| S3_SECRET_KEY | S3 service secret key | ||
| S3_REGION | S3 service region | ||
| S3_FILE_UPLOAD_BUCKET | Name of specific S3 bucket used for uploads | ||
| S3_BUCKET_PREFIX | Prefix for S3 buckets used for ReSeed data | ||
| S3_EXPIRY | 1 | Value is in days |
File Upload and Download settings
| Name | Default Value | Description | Dev or Test Only? |
|---|---|---|---|
| RUBY_THREAD_MACHINE_STACK_SIZE | 8388608 | Memory allocation | |
| RUBY_THREAD_VM_STACK_SIZE | 8388608 | Memory allocation | |
| MAX_FILES | 1000 | Maximum number of files that can be uploaded in a single operation | |
| MAX_FILE_SIZE | 2000000000 | Specified in bytes only, not in words (i.e. not like this "2.gigabytes") | |
| DOWNLOAD_FILES_SIZE_LIMIT | 100000000 | Maximum size of file that can be downloaded in a single operation | |
| DOWNLOAD_FILES_COUNT_LIMIT | 150 | Maximum number of files that can be downloaded in a single operation | |
| DOWNLOAD_PATH | tmp/downloads | Local path for downloaded files (used by Docker build and therefore fixed in resulting Docker image) |
Authentication settings
| Name | Default Value | Description | Dev or Test Only? |
|---|---|---|---|
| USE_SAML | true | Flag to use SAML authentication | |
| SAML_SP_ID | ${APPLICATION_URL} | ID for SAML Service Provider | |
| SAML_IDP_SERVICE_URL | https://samltest.id/saml/idp | URL for SAML Identity Provider | |
| SAML_IDP_SSO_SERVICE_URL | https://samltest.id/idp/profile/SAML2/Redirect/SSO | URL for SAML Identity Provider SSO service | |
| SAML_IDP_CERT | See "Default value for SAML-IDP-CERT" section at bottom of this document for default value (string is too long to include in this Markdown table) |
||
| SAML_SP_CERTIFICATE | Certificate for SAML Service Provider | ||
| SAML_SP_CERTIFICATE_KEY | Certificate key for for SAML Service Provider | ||
| SAML_ATTRIBUTE_UID | urn:oasis:names:tc:SAML:attribute:pairwise-id | Identifier for SAML attribute: UID | |
| SAML_ATTRIBUTE_NAME | urn:oid:2.16.840.1.113730.3.1.241 | Identifier for SAML attribute: Name | |
| SAML_ATTRIBUTE_EMAIL | urn:oid:0.9.2342.19200300.100.1.3 | Identifier for SAML attribute: Email | |
| SAML_ATTRIBUTE_ROLE | urn:oid:1.3.6.1.4.1.5923.1.1.1.1 | Identifier for SAML attribute: Role | |
| SAML_RESTRICT_AUTHORIZATION | true | If Authorisation is restricted, only users with affiliation=staff are allowed access |
|
| USE_ORCID | true | Flag to enable use of Orcid for authentication | |
| ORCID_CLIENT_ID | Client ID for Orcid API | ||
| ORCID_CLIENT_SECRET | Secret ID for Orcid API | ||
| ORCID_MEMBER | false | Flag indicating Orcid organisational membership | |
| ORCID_SANDBOX | true | Use Orcid sandbox instead of production API | |
| ORCID_RESTRICT_AUTHORIZATION | true | If Authorisation is restricted, only existing users with an Orcid ID are allowed access |
PID settings
| Name | Default Value | Description | Dev or Test Only? |
|---|---|---|---|
| REGISTER_DOI | true | Flag enabling registering of DOIs for published datasets | |
| DOI_URL | https://api.test.datacite.org/dois | URL of DataCite API for minting DOIs | |
| DOI_USERNAME | Username for DataCite API for minting DOIs | ||
| DOI_PASSWORD | Password for DataCite API for minting DOIs | ||
| DOI_PREFIX | DOI prefix to use in DataCite for minting DOIs | ||
| REGISTER_ARK | true | Flag enabling registering of ARKs for datasets | |
| ARK_ENDPOINT | URL of ARK service API for minting ARKs | ||
| ARK_USERNAME | Username for ARK service for minting ARKs | ||
| ARK_PASSWORD | Password for ARK service for minting ARKs | ||
| ARK_NAMESPACE | Namespace to use when minting ARKs | ||
| ARK_NAAN | ARK name assigning authority number |
CRC1280 settings
| Name | Default Value | Description | Dev or Test Only? |
|---|---|---|---|
| CRC1280_COLLECTION | CRC1280 | Name of CRC1280 collection in ReSeeD | |
| CRCDATASET_FUNDER_IDENTIFIER | Constant value to use when creating new CRC1280 works: Funder Identifier | ||
| CRCDATASET_FUNDER_NAME | Constant value to use when creating new CRC1280 works: Funder Name | ||
| CRCDATASET_AWARD_NUMBER | Constant value to use when creating new CRC1280 works: Award Number | ||
| CRCDATASET_AWARD_TITLE | Constant value to use when creating new CRC1280 works: Award Title | ||
| CRCDATASET_AWARD_URI | Constant value to use when creating new CRC1280 works: Award URI | ||
| CRCDATASET_LANGUAGE | Constant value to use when creating new CRC1280 works: Language | ||
| CRCDATASET_RESOURCE_TYPE | Collection | Constant value to use when creating new CRC1280 works: Resource Type |
Other miscellaneous settings
| Name | Default Value | Description | Dev or Test Only? |
|---|---|---|---|
| RUB_ADMIN_SET_TITLE | RUB publication workflow | Title used in workflows | |
| CRC_ADMIN_SET_TITLE | CRC1280 publication Workflow | Title used in workflows | |
| SYSTEM_ADMINISTRATOR | admin@hyrax | System user with the admin role |
|
| SYSTEM_PUBLICATION_MANAGER | publication_manager@hyrax | System user with the publication manager role |
|
| DATASET_PUBLISHER | Constant value to use when creating new RUB works: Publisher |
Default value for SAML-IDP-CERT
-----BEGIN CERTIFICATE----- MIIDEjCCAfqgAwIBAgIVAMECQ1tjghafm5OxWDh9hwZfxthWMA0GCSqGSIb3DQEBCwUAMBYxFDASBgNVBAMMC3NhbWx0ZXN0LmlkMB4XDTE4MDgyNDIxMTQwOVoXDTM4MDgyNDIxMTQwOVowFjEUMBIGA1UEAwwLc2FtbHRlc3QuaWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Z4QX1NFKs71ufbQwoQoW7qkNAJRIANGA4iM0ThYghul3pC+FwrGv37aTxWXfA1UG9njKbbDreiDAZKngCgyjxj0uJ4lArgkr4AOEjj5zXA81uGHARfUBctvQcsZpBIxDOvUUImAl+3NqLgMGF2fktxMG7kX3GEVNc1klbN3dfYsaw5dUrw25DheL9np7G/+28GwHPvLb4aptOiONbCaVvh9UMHEA9F7c0zfF/cL5fOpdVa54wTI0u12CsFKt78h6lEGG5jUs/qX9clZncJM7EFkN3imPPy+0HC8nspXiH/MZW8o2cqWRkrw3MzBZW3Ojk5nQj40V6NUbjb7kfejzAgMBAAGjVzBVMB0GA1UdDgQWBBQT6Y9J3Tw/hOGc8PNV7JEE4k2ZNTA0BgNVHREELTArggtzYW1sdGVzdC5pZIYcaHR0cHM6Ly9zYW1sdGVzdC5pZC9zYW1sL2lkcDANBgkqhkiG9w0BAQsFAAOCAQEASk3guKfTkVhEaIVvxEPNR2w3vWt3fwmwJCccW98XXLWgNbu3YaMb2RSn7Th4p3h+mfyk2don6au7Uyzc1Jd39RNv80TG5iQoxfCgphy1FYmmdaSfO8wvDtHTTNiLArAxOYtzfYbzb5QrNNH/gQEN8RJaEf/g/1GTw9x/103dSMK0RXtl+fRs2nblD1JJKSQ3AdhxK/weP3aUPtLxVVJ9wMOQOfcy02l+hHMb6uAjsPOpOVKqi3M8XmcUZOpx4swtgGdeoSpeRyrtMvRwdcciNBp9UZome44qZAYH1iqrpmmjsfI9pJItsgWu3kXPjhSfj1AJGR1l9JGvJrHki1iHTA== -----END CERTIFICATE-----