docs: application configuration (impierce#107)
* fix: docker compose file

* fix: broken `Host` in `pgadmin` server config

* refactor: rename Docker Compose file according to latest guides

* docs: update & shorten

* chore: remove obsolete `version`

* chore: add example file

* WIP

* docs: bump to match latest version

* refactor: rename headings

* docs: apply feedback
daniel-mader authored and berkes committed Aug 14, 2024
1 parent 3ade073 commit 9e3d424
Showing 1 changed file with 37 additions and 29 deletions.
66 changes: 37 additions & 29 deletions agent_application/CONFIGURATION.md
@@ -3,35 +3,43 @@
A configuration file is used to configure UniCore. It is expected to be present in `agent_application/config.yaml`. An example can be found in [example-config.yaml](example-config.yaml). Values can also be set through the environment, preferably used to inject sensitive values or environment-specific values.

> [!NOTE]
> Environment variables override values specified in the configuration file.
## Common

| Name | Description | Default value | Accepted values |
| ------------------------------------- | ------------------------------------------------------------------------- | ------------- | ------------------------------------------------------------------ |
| `LOG_FORMAT` | The format of the log output. | `json` | `json`, `text` |
| `EVENT_STORE` | The type of event store to use. | - | `in-memory`, `postgres` |
| `EVENT_STORE_DB_CONNECTION_STRING` | The connection string for the event store database. | - | `postgresql://<user>:<pass>@<host>` (only required for `postgres`) |
| `URL` | The URL of the service itself. | - | `https://my-domain.example.org` |
| `CORS_ENABLED` | Enable CORS (permissive, allow all). Only required for web-based wallets. | `false` | boolean |
| `DID_METHOD_WEB_ENABLED` | Create and host a `did:web` document. | `false` | boolean |
| `DOMAIN_LINKAGE_ENABLED` | Enable domain linkage (only works with `did:web`). | `false` | boolean |
| `EXTERNAL_SERVER_RESPONSE_TIMEOUT_MS` | The timeout for external server responses. | `1000` | integer |
| `PREFERRED_DID_METHOD` | The default DID method to use. | `jwk` | `jwk`, `key`, `web` |

## Stronghold

| Name | Description | Default value | Accepted values |
| --------------------- | -------------------------------------- | ------------- | ----------------------------- |
| `STRONGHOLD_PATH` | The path to the stronghold file. | - | `/var/lib/unicore/stronghold` |
| `STRONGHOLD_PASSWORD` | The password to unlock the stronghold. | - | - |
| `ISSUER_DID` | The DID of the issuer. | - | - |
| `ISSUER_FRAGMENT` | The fragment to be used. | - | - |
| `KEY_ID` | The key ID to be used. | - | - |
> Environment variables **override** values specified in the configuration file.
> [!IMPORTANT]
> All environment variables need to be prefixed with `UNICORE__` to prevent conflicts with existing variables.
## General

| Name | Description | Default value | Accepted values |
| ------------------------------------------------------- | ----------------------------------------------------------------- | ------------- | ---------------------------------------- |
| `UNICORE__LOG_FORMAT` | The format of the log output. | `json` | `json`, `text` |
| `UNICORE__EVENT_STORE__TYPE` | The type of event store to use. | - | `in_memory`, `postgres` |
| `UNICORE__EVENT_STORE__CONNECTION_STRING` | The connection string for the event store database. | - | `postgresql://<user>:<pass>@<host>/<db>` |
| `UNICORE__URL` | The base URL UniCore runs on. | - | `https://my-domain.example.org` |
| `UNICORE__BASE_PATH` | A base path can be set if needed. | - | string |
| `UNICORE__CORS_ENABLED` | Enable CORS (permissive). Only required for browser-based access. | `false` | boolean |
| `UNICORE__DID_METHODS__DID_WEB__ENABLED` | Create and host a `did:web` DID document. | `false` | boolean |
| `UNICORE__SIGNING_ALGORITHMS_SUPPORTED__EDDSA__ENABLED` | Toggles the algorithm allowed for cryptographic operations. | `true` | boolean |
| `UNICORE__DOMAIN_LINKAGE_ENABLED` | Enable domain linkage (only works with `did:web`). | - | boolean |
| `UNICORE__EXTERNAL_SERVER_RESPONSE_TIMEOUT_MS` | The timeout for external server responses (in milliseconds). | `1000` | integer |

<!-- TODO: How to document all other DID methods? -->
<!-- TODO: VP_FORMATS -->
<!-- TODO: EVENT_PUBLISHERS: even configured through env vars? -->

## Secret Management

| Name | Description | Default value | Accepted values |
| ---------------------------------------------- | -------------------------------------- | ------------- | ----------------------------- |
| `UNICORE__SECRET_MANAGER__STRONGHOLD_PATH` | The path to the stronghold file. | - | `/var/lib/unicore/stronghold` |
| `UNICORE__SECRET_MANAGER__STRONGHOLD_PASSWORD` | The password to unlock the stronghold. | - | - |
| `UNICORE__SECRET_MANAGER__ISSUER_KEY_ID` | The key ID to be used. | - | - |
| `UNICORE__SECRET_MANAGER__ISSUER_DID` | The DID of the issuer. | - | - |
| `UNICORE__SECRET_MANAGER__ISSUER_FRAGMENT` | The fragment to be used. | - | - |

## Look and Feel

| Name | Description | Default value | Accepted values |
| --------------------- | --------------------------------- | ------------- | --------------- |
| `CREDENTIAL_NAME` | The name of the credential. | - | string |
| `CREDENTIAL_LOGO_URL` | The URL of the credential's logo. | - | URL |
> [!NOTE]
> Setting display values is currently not supported through environment variables. Please refer to `config.yaml`.
<!-- TODO: DISPLAY_0_NAME: even configured through env vars? -->
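
Review bot: In the General table, the `UNICORE__CORS_ENABLED` description drops the words "allow all" that the old `CORS_ENABLED` row carried, so the doc no longer says how permissive the setting is; keep that wording, since this is the one row an operator should read before switching it on. In the same table `UNICORE__DOMAIN_LINKAGE_ENABLED` lists a default of `-` where the old `DOMAIN_LINKAGE_ENABLED` row listed `false`; if the default is still `false`, say so, and if the value is now required, mark it as required. The hunk also documents three changes that break existing deployments without a migration note: the mandatory `UNICORE__` prefix, the event store value `in-memory` becoming `in_memory`, and `PREFERRED_DID_METHOD` disappearing with no replacement row. The `<!-- TODO -->` comments after the General table and under Look and Feel would be better tracked in an issue than committed into the document.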
