Configuration
Overview of configuration options
LinkedDataHub is configured using environment variables in the docker-compose.yml file (environment-specific configuration should go into docker-compose.override.yml instead).
Below you'll find a list of environment variables grouped by service (they are defined in the environment sections in docker-compose.yml).
linkeddatahub
WebID authentication
- ENABLE_WEBID_SIGNUP
- false to disable. Enabled by default.
- Currently this will only hide the signup button in the UI, without disabling the endpoint
Social login
- GOOGLE_CLIENT_ID
- OAuth client ID
- Login with Google authentication is enabled when this value is provided
- GOOGLE_CLIENT_SECRET
- OAuth client secret
Email server
- MAIL_SMTP_HOST
- Hostname of the email server
- MAIL_SMTP_PORT
- Port number of the email server
- MAIL_USER
- Username
- MAIL_PASSWORD
- Password (if required)
Linked Data
- ENABLE_LINKED_DATA_PROXY
- false to disable the Linked Data proxy (enabled by default)
HTTP(S)
- SELF_SIGNED_CERT
- Set to false false if not using the self-signed server certificate (e.g. using LetsEncrypt certificate instead). Not to be confused with the WebID client certificate. Enabled by default.
- MAX_CONTENT_LENGTH
- Maximum allowed request body size (nginx has a separate setting for this.) By default 2097152.
Debug
- JPDA_ADDRESS
- The address through which Java debugger can connect, for example *:8000. Note that the port has to be mapped to host in order for the debugger to work, e.g. 8080:8080.
- CATALINA_OPTS
- Tomcat's Java options
nginx
- SERVER_CERT_FILE
- Location of the server's SSL certificate. By default /etc/nginx/ssl/server.crt.
- SERVER_KEY_FILE
- Location of the server's SSL certificate's key. By default /etc/nginx/ssl/server.key.
- SSL_VERIFY_CLIENT
- off to disable TLS client certificate authentication on the $HTTPS_PORT port, which also disables LinkedDataHub's WebID-TLS authentication method.
- This option can be used to avoid the certificate prompt in the browser in end-user facing applications. The client certificate authentication is still available on port 5443.
- optional_no_ca to enable it.
- MAX_BODY_SIZE
- Maximum allowed request body size (linkeddatahub has a separate setting for this.) By default 2097152.
By default nginx is configured to guard against DoS by limiting the rate of requests per second, which can be necessary on a public instance. The limiting can be disabled in platform/nginx.conf.template by commenting out all lines starting with limit_req using #.