Configuration
In this section, the configuration of the http data plane is explained. Configuration is used based on a config.yaml
file which should be placed in the apps/backend
folder. This config.yaml
file is loaded when booting the application. The values get type checked, and it gives a clear error message if there is a configuration field missing or provided incorrectly. Next to the config.yaml
file, you can also set environment variables. These override the values that are listed in the config.yaml
file.
Databases
By default, the development database is sqlite. We use postgres databases for production type instances of the http data planes.
Authentication
Authentication for frontend services can be done via OAuth. This helps users who need to login to several components to authenticate themselves faster. The data plane is tested against Casdoor, with an Helm chart provided alongside the Helm chart of the data plane, but other OAuth services should be usable (e.g. Keycloak, or hosted OAuth services).
Name | Data Type | Required | Explanation | Default |
---|---|---|---|---|
Database Configuration | ||||
db.type | String | Yes | Type of the database. Must be "sqlite" or "postgres" . | |
db.database | String | Yes | Name of the database. Used as filename when "sqlite" is provided as database type | |
db.synchronize | Boolean | No | Whether or not the database should be synchronized, MUST only be true in test scenarios | false |
db.host | String | If type is postgres | Hostname of the database | |
db.port | Integer | If type is postgres | Port of the database | |
db.username | String | If type is postgres | Username of the user in the database | |
db.password | String | If type is postgres | Password of the user in the database | |
db.ssl | Boolean /Object | No | Boolean if SSL is not used, else object with options | false |
db.ssl.rejectUnauthorized | Boolean | No | Whether unauthorized requests should be rejected. | false |
OAuth Configuration | ||||
auth.enabled | Boolean | Boolean indicating whether an external OAuth server should be used. If false, all other properties under auth are not used | true | |
auth.authorizationURL | URL | If auth is enabled | OAuth Authorization endpoint URL | |
auth.tokenURL | URL | If auth is enabled | OAuth Token endpoint URL for retrieving access token based used when the data plane communicates with external services | |
auth.introspectionURL | URL | If auth is enabled | OAuth Introspection endpoint URL for validating access tokens | |
auth.callbackURL | URL | If auth is enabled | Callback URL of the data plane on which it expects callback requests to arrive | |
auth.redirectURL | URL | If auth is enabled | Redirect URL of the data plane which it used to redirect a user that has logged in | |
auth.clientId | String | If auth is enabled | OAuth client ID | |
auth.clientSecret | String | If auth is enabled | OAuth client secret | |
auth.clientUsername | String | If auth is enabled | OAuth client username of user used by the data plane for external services | |
auth.clientPassword | String | If auth is enabled | OAuth client password of user used by the data plane for external services | |
auth.rolePath | String | JSON Path used to translate roles into a simple array of roles, with as starting point the access token JWT payload | "$.roles[*].name" | |
Server Configuration | ||||
server.listen | String | No | IP address to listen on. | "0.0.0.0" |
server.port | Number | No | Port number for the server. | 3000 |
server.publicDomain | String | No | Public domain of the server. | "localhost" |
server.publicAddress | String | No | Public address of the server. | "http://localhost:3000" |
Control Plane Configuration | ||||
controlPlane.dataPlaneEndpoint | String | Yes | Data plane endpoint of the control plane to allow the data plane to register itself to the control plane | |
controlPlane.managementEndpoint | String | Yes | Management endpoint of the control plane to allow the data plane to invoke operations to the management API of the control plane | |
controlPlane.controlEndpoint | String | Yes | Public control endpoint for the metadata of resources provided by the data plane | |
controlPlane.initializationDelay | Number | No | Initialization delay (in ms) for registering to the data plane | 5000 |
Dataset Configuration | ||||
dataset.id | String | No | Identifier of the provided dataset | |
dataset.title | String | Yes | Title of the provided dataset | |
dataset.versions | VersionConfig[] | Yes | Version configuration of the provided dataset. Must contain at least one element | |
dataset.policy | PolicyConfig | No | Policy configuration for the provided dataset | |
Logging Configuration | ||||
logging.debug | Boolean | No | Flag whether full requests should be logged by the logging service. Can introduce issues wich large requests since all requests are fully read by the data plane. | false |