⚙️Configure feature toggles
Here's a guide to configure miscellaneous features. Most of the main features are defined in their proper guide, but this document will list feature flags that are not defined in any specific guide.
Laputa (legacy backend) flags
You can define the features flags in the values.override.yaml file:
laputa:
config:
common:
TOUCAN_KEY: value
# ...Extra connectors
Install and enable data connectors.
TOUCAN_EXTRA_CONNECTORS
To avoid installing unused connectors, some of the connectors are not installed. To install these, you need to specify like this '["azure_mssql", "oracle"]'.
'[]'
No
You can find a list of available values in the public repository (remove the .sh extension from the name).
Cookies, expiration dates and validity
A list of parameters to configure the expiration dates of tokens and passwords.
TOUCAN_SLOW_REQUEST_THRESHOLD
TOUCAN_TOKEN_VALIDITY
Set the validity period of the user’s access tokens. Quantifiers can be any of: “hours”, “days”, “weeks”.
30 days
No
TOUCAN_REFRESH_TOKEN_VALIDITY
Set the validity period of the user’s refresh tokens. Quantifiers can be any of: “hours”, “days”, “weeks”.
30 days
No
TOUCAN_SHORT_PASSWORD_TOKEN_VALIDITY
Set the validity period of the generated reset password tokens. Quantifiers can be any of: “hours”, “days”, “weeks”.
24 hours
No
TOUCAN_LONG_PASSWORD_TOKEN_VALIDITY
Set the validity period of the generated reset password tokens. Quantifiers can be any of: “hours”, “days”, “weeks”.
4 weeks
No
Predefined values
This is a non-exhaustive list of pre-defined values in the values.yaml. You should rarely change these values.
Container
A list of parameters related to the container behavior.
TOUCAN_NGINX_SUPERVISOR
Starts an internal NGINX
on
No
TOUCAN_CUSTOM_USER_ID
Sets the UID of the toucan system user of the backend container (this user manages the /app folder).
1000
No
TOUCAN_CUSTOM_GROUP_ID
Sets the GID of the toucan system user of the backend container.
1000
No
Public URLs
A list of parameters related to the public URLs.
TOUCAN_INSTANCE_NAME
Instance name. Only used at Toucan internally.
{{ .Values.global.hostname }}
No
TOUCAN_FRONTEND_URLS
Public frontend urls. Follows the format ["https://...", "https://..."].
["https://{{ .Values.global.hostname }}"]
No
MongoDB
A list of parameters required by Laputa to store data in MongoDB.
TOUCAN_MONGODB_HOST
Accessible host of the MongoDB server.
(handled by Helm)
Yes
TOUCAN_MONGODB_PORT
Accessible port of the MongoDB server.
(handled by Helm)
Yes
TOUCAN_MONGODB_READONLY_USER
MongoDB user with readonly permissions.
app_readonly
Yes
TOUCAN_MONGODB_READONLY_PASS
MongoDB RO user's password.
(generated by Helm)
Yes
TOUCAN_MONGODB_USER
MongoDB user with read-write permissions.
app
Yes
TOUCAN_MONGODB_PASS
MongoDB RW user's password.
(generated by Helm)
Yes
TOUCAN_MONGODB_ADMIN_USER
MongoDB root admin.
admin
Yes
TOUCAN_MONGODB_ADMIN_PASS
MongoDB root admin's password.
(generated by Helm)
Yes
TOUCAN_MONGODB_SSL
Connect to MongoDB using SSL/TLS.
false
No
The users (app, app_readonly and admin) and roles should be created with:
// admin is built-in.
// readAnyDatabase is built-in.
db.createRole({
role: 'readWriteDropAnyDatabase',
privileges: [],
roles: [
{ role: 'readWriteAnyDatabase', db: 'admin' },
{ role: 'dbAdminAnyDatabase', db: 'admin' },
],
});
db.createUser({
user: 'app',
pwd: '<password>',
roles: [{ role: 'readWriteDropAnyDatabase', db: 'toucan' }],
});
db.createUser({
user: 'app_readonly',
pwd: '<password>',
roles: [{ role: 'readAnyDatabase', db: 'toucan' }],
});If you want to connect the container to a MongoDB using SRV connection format, only set TOUCAN_MONGODB_HOST like this:
TOUCAN_MONGODB_HOST: 'mongodb+srv://${USER_RW}:${PASSWORD_RW}@mongo.yourdomain.com/api-toucan?retryWrites=true&w=majority'
TOUCAN_MONGODB_READONLY_HOST: 'mongodb+srv://${USER_RO}:${PASSWORD_RO}@mongo.yourdomain.com/api-toucan?w=majority'By default, using SRV, TLS will be enabled.
Redis
A list of parameters required by Laputa to cache data in Redis.
TOUCAN_REDIS_HOST
Accessible host of the Redis server.
(handled by Helm)
Yes
TOUCAN_REDIS_PORT
Accessible port of the Redis server.
(handled by Helm)
Yes
TOUCAN_REDIS_PASSWORD
Use Redis authentication.
unset
No
TOUCAN_REDIS_SSL
Use Redis SSL
false
No
Workers
See Tuning resources for more details.
TOUCAN_GUNICORN_WORKERS
Number of gunicorn sync workers.
(handled by Helm)
No
TOUCAN_GUNICORN_TIMEOUT
Workers silent for more than this many seconds are killed and restarted. Value is a positive number or 0. Setting it to 0 has the effect of infinite timeouts by disabling timeouts for all workers entirely. Generally, the default of thirty seconds should suffice. Only set this noticeably higher if you’re sure of the repercussions for sync workers. For the non sync workers it just means that the worker process is still communicating and is not tied to the length of time required to handle a single request.Use Redis SSL
30
No
TOUCAN_CELERY_MAX_WORKERS
Max number of celery workers.
2
No
TOUCAN_CELERY_QUICK_MAX_WORKERS
Max number of celery quick workers. Quick workers handle light tasks.
10
No
Gotenberg (PDF rendering service)
A list of parameters required by Laputa to render PDFs with Gotenberg.
TOUCAN_GOTENBERG_FLAG
Enable Gotenberg. (enable, disable or experimental)
experimental
Yes
TOUCAN_GOTENBERG_URL
Accessible URL to the gotenberg service.
(handled by Helm)
Yes
TOUCAN_GOTENBERG_USERNAME
Set the username for basic auth.
unset
No
TOUCAN_GOTENBERG_PASSWORD
Set the password for basic auth.
unset
No
Last updated
Was this helpful?