# Configure feature toggles Here's a guide to configure miscellaneous features. Most of the main features are defined in their proper guide, but this document will list feature flags that are not defined in any specific guide. ## Laputa (legacy backend) flags You can define the features flags in the `values.override.yaml` file: {% code title="yaml: values.override.yaml" %} ```yaml laputa: config: common: TOUCAN_KEY: value # ... ``` {% endcode %} ### Extra connectors Install and enable data connectors. | Parameter | Description | Default | Required | | ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | -------- | | TOUCAN\_EXTRA\_CONNECTORS | To avoid installing unused connectors, some of the connectors are not installed. To install these, you need to specify like this `'["azure_mssql", "oracle"]'`. | '\[]' | No | You can find a list of available values in the [public repository](https://github.com/ToucanToco/toucan-connectors/tree/master/toucan_connectors/install_scripts) (remove the `.sh` extension from the name). ### Cookies, expiration dates and validity A list of parameters to configure the expiration dates of tokens and passwords. | Parameter | Description | Default | Required | | ---------------------------------------- | -------------------------------------------------------------------------------------------------------------------- | ---------- | -------- | | TOUCAN\_SLOW\_REQUEST\_THRESHOLD | | | | | TOUCAN\_TOKEN\_VALIDITY | Set the validity period of the user’s access tokens. Quantifiers can be any of: “hours”, “days”, “weeks”. | `30 days` | No | | TOUCAN\_REFRESH\_TOKEN\_VALIDITY | Set the validity period of the user’s refresh tokens. Quantifiers can be any of: “hours”, “days”, “weeks”. | `30 days` | No | | TOUCAN\_SHORT\_PASSWORD\_TOKEN\_VALIDITY | Set the validity period of the generated reset password tokens. Quantifiers can be any of: “hours”, “days”, “weeks”. | `24 hours` | No | | TOUCAN\_LONG\_PASSWORD\_TOKEN\_VALIDITY | Set the validity period of the generated reset password tokens. Quantifiers can be any of: “hours”, “days”, “weeks”. | `4 weeks` | No | ### Predefined values This is a **non-exhaustive** list of pre-defined values in the `values.yaml`. You should rarely change these values. #### Container A list of parameters related to the container behavior. | Parameter | Description | Default | Required | | ------------------------- | -------------------------------------------------------------------------------------------------------- | ------- | -------- | | TOUCAN\_NGINX\_SUPERVISOR | Starts an internal NGINX | `on` | No | | TOUCAN\_CUSTOM\_USER\_ID | Sets the UID of the `toucan` system user of the backend container (this user manages the `/app` folder). | `1000` | No | | TOUCAN\_CUSTOM\_GROUP\_ID | Sets the GID of the `toucan` system user of the backend container. | `1000` | No | #### Public URLs A list of parameters related to the public URLs. | Parameter | Description | Default | Required | | ---------------------- | -------------------------------------------------------------------------- | ------------------------------------------- | -------- | | TOUCAN\_INSTANCE\_NAME | Instance name. Only used at Toucan internally. | `{{ .Values.global.hostname }}` | No | | TOUCAN\_FRONTEND\_URLS | Public frontend urls. Follows the format `["https://...", "https://..."]`. | `["https://{{ .Values.global.hostname }}"]` | No | #### MongoDB A list of parameters required by Laputa to store data in MongoDB. | Parameter | Description | Default | Required | | ------------------------------- | ----------------------------------------- | ------------------- | -------- | | TOUCAN\_MONGODB\_HOST | Accessible host of the MongoDB server. | (handled by Helm) | **Yes** | | TOUCAN\_MONGODB\_PORT | Accessible port of the MongoDB server. | (handled by Helm) | **Yes** | | TOUCAN\_MONGODB\_READONLY\_USER | MongoDB user with readonly permissions. | `app_readonly` | **Yes** | | TOUCAN\_MONGODB\_READONLY\_PASS | MongoDB RO user's password. | (generated by Helm) | **Yes** | | TOUCAN\_MONGODB\_USER | MongoDB user with read-write permissions. | `app` | **Yes** | | TOUCAN\_MONGODB\_PASS | MongoDB RW user's password. | (generated by Helm) | **Yes** | | TOUCAN\_MONGODB\_ADMIN\_USER | MongoDB root admin. | `admin` | **Yes** | | TOUCAN\_MONGODB\_ADMIN\_PASS | MongoDB root admin's password. | (generated by Helm) | **Yes** | | TOUCAN\_MONGODB\_SSL | Connect to MongoDB using SSL/TLS. | `false` | No | The users (`app`, `app_readonly` and `admin`) and roles should be created with: {% code title="js" overflow="wrap" %} ```js // admin is built-in. // readAnyDatabase is built-in. db.createRole({ role: 'readWriteDropAnyDatabase', privileges: [], roles: [ { role: 'readWriteAnyDatabase', db: 'admin' }, { role: 'dbAdminAnyDatabase', db: 'admin' }, ], }); db.createUser({ user: 'app', pwd: '', roles: [{ role: 'readWriteDropAnyDatabase', db: 'toucan' }], }); db.createUser({ user: 'app_readonly', pwd: '', roles: [{ role: 'readAnyDatabase', db: 'toucan' }], }); ``` {% endcode %} If you want to connect the container to a MongoDB using SRV connection format, only set `TOUCAN_MONGODB_HOST` like this: {% code title="yaml: values.yaml" overflow="wrap" %} ```yaml TOUCAN_MONGODB_HOST: 'mongodb+srv://${USER_RW}:${PASSWORD_RW}@mongo.yourdomain.com/api-toucan?retryWrites=true&w=majority' TOUCAN_MONGODB_READONLY_HOST: 'mongodb+srv://${USER_RO}:${PASSWORD_RO}@mongo.yourdomain.com/api-toucan?w=majority' ``` {% endcode %} By default, using SRV, TLS will be enabled. #### Redis A list of parameters required by Laputa to cache data in Redis. | Parameter | Description | Default | Required | | ----------------------- | ------------------------------------ | ----------------- | -------- | | TOUCAN\_REDIS\_HOST | Accessible host of the Redis server. | (handled by Helm) | **Yes** | | TOUCAN\_REDIS\_PORT | Accessible port of the Redis server. | (handled by Helm) | **Yes** | | TOUCAN\_REDIS\_PASSWORD | Use Redis authentication. | *unset* | No | | TOUCAN\_REDIS\_SSL | Use Redis SSL | `false` | No | #### Workers See [Tuning resources](https://docs-v3.toucantoco.com/self-hosted-toucan/configuration/tuning) for more details. | Parameter | Description | Default | Required | | ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | -------- | | TOUCAN\_GUNICORN\_WORKERS | Number of gunicorn sync workers. | (handled by Helm) | No | | TOUCAN\_GUNICORN\_TIMEOUT |

Workers silent for more than this many seconds are killed and restarted.
Value is a positive number or 0. Setting it to 0 has the effect of infinite timeouts by disabling timeouts for all workers entirely.
Generally, the default of thirty seconds should suffice. Only set this noticeably higher if you’re sure of the repercussions for sync workers. For the non sync workers it just means that the worker process is still communicating and is not tied to the length of time required to handle a single request.Use Redis SSL

| 30 | No | | TOUCAN\_CELERY\_MAX\_WORKERS | Max number of celery workers. | 2 | No | | TOUCAN\_CELERY\_QUICK\_MAX\_WORKERS | Max number of celery quick workers. Quick workers handle light tasks. | 10 | No | #### Gotenberg (PDF rendering service) A list of parameters required by Laputa to render PDFs with Gotenberg. | Parameter | Description | Default | Required | | --------------------------- | --------------------------------------------------------- | ----------------- | -------- | | TOUCAN\_GOTENBERG\_FLAG | Enable Gotenberg. (`enable`, `disable` or `experimental`) | `experimental` | **Yes** | | TOUCAN\_GOTENBERG\_URL | Accessible URL to the gotenberg service. | (handled by Helm) | **Yes** | | TOUCAN\_GOTENBERG\_USERNAME | Set the username for basic auth. | *unset* | No | | TOUCAN\_GOTENBERG\_PASSWORD | Set the password for basic auth. | *unset* | No |