VERSION=v3.5 DEBUG=1 #**********************************# #***** Required Configuration *****# #**********************************# # -- Fully qualified domain name (FQDN) of the Analysis Hub. # -- e.g. https://my.domain-name.com or http://my.domain-name.com:8000 # -- To enable TLS, either enable autocert, or set the location of the certificate files. ANALYSISHUB_FRONTEND_FQDN= # -- External, public hostname / IP address of the datastation. # -- Other (external) data stations should be able to reach # -- the data station on this host. DATASTATION_HOST= #**********************************# #***** Optional Configuration *****# #**********************************# #################### ### Analysis Hub ### #################### # -- ports of the Analysis Hub. ANALYSISHUB_PORT=8000 ANALYSISHUB_GRPC_PORT=8080 # -- Enable automatic TLS certificate issuance from Let's Encrypt. # -- By default, this requires either port 80 or 443 being publicly accessible for ACME challenges. # -- If port 80 is publicly accessible: # -- - Uncomment port "80:80" in docker-compose.yaml # -- If port 443 is publicly accessible: # -- - Port 80 can be disabled by setting ANALYSISHUB_AUTOCERT_HTTP01_ENABLED=false ANALYSISHUB_AUTOCERT_ENABLED=false # -- Enable challenge type http-01 for certificate issuance from Let's Encrypt. # -- This also exposed port 80 to solely respond to these challenges. ANALYSISHUB_AUTOCERT_HTTP01_ENABLED=true # -- Location of the Analysis Hub frontend TLS certificate. Format: /data/ # -- The folder ./data/analysis is mounted as /data in the container. ANALYSISHUB_FRONTEND_TLS_CERTFILE= # -- Location of the Analysis Hub frontend TLS certificate key. Format: /data/ # -- The folder ./data/analysis is mounted as /data in the container. ANALYSISHUB_FRONTEND_TLS_KEYFILE= # -- Defines the identity provider. Options: [linksight, localdb, microsoft, customoidc] ANALYSISHUB_AUTH_PROVIDER=linksight ### Only applies if ANALYSISHUB_AUTH_PROVIDER=localdb # -- Username of the initial admin. ANALYSISHUB_AUTH_LOCALDB_ADMIN_USERNAME= # -- Password of the initial admin. ANALYSISHUB_AUTH_LOCALDB_ADMIN_PASSWORD= ### Only applies if ANALYSISHUB_AUTH_PROVIDER=customoidc # -- Issuer URL for custom OIDC ANALYSISHUB_AUTH_OIDC_CUSTOM_ISSUERURL= # -- Client ID for custom OIDC ANALYSISHUB_AUTH_OIDC_CUSTOM_CLIENTID= # -- Client secret for custom OIDC ANALYSISHUB_AUTH_OIDC_CUSTOM_CLIENTSECRET= ### Only applies if ANALYSISHUB_AUTH_PROVIDER=microsoft # -- Tenant ID for Microsoft OIDC ANALYSISHUB_AUTH_OIDC_MICROSOFT_TENANTID= # -- Client ID for Microsoft OIDC ANALYSISHUB_AUTH_OIDC_MICROSOFT_CLIENTID= # -- Client secret for Microsoft OIDC ANALYSISHUB_AUTH_OIDC_MICROSOFT_CLIENTSECRET= #################### ### Data Station ### #################### # -- Alternative hosts for the datastation, comma-separated. These will be used by internal components to route traffic internally. # -- Define 'datastation' here to allow the Analysis Hub to connect to the Data Station through the local Docker network. DATASTATION_ALTHOSTS=datastation # -- mTLS HTTP port, which should be externally reachable. DATASTATION_PORT=8443 # -- mTLS gRPC port, which should be externally reachable. DATASTATION_GRPC_PORT=9090 ### Recovery flags (only use when instructed by Linksight) # -- Resyncs the data collaboration history at startup. DATASTATION_RESYNC_ALL=false # -- Skip Trillian proofs validation. DATASTATION_SKIP_EVENT_PROOFS=false ########################## ### Linksight Services ### ########################## # -- Host of the Linksight Services. LS_SERVICES_HOST=services.linksight.network # -- Port of the Linksight Services. LS_SERVICES_PORT=443 # -- Whether the Linksight Services server's certificate chain and host name verification should be skipped. LS_SERVICES_INSECURESKIPVERIFY=false