Configuration options

Environment Variables

The environment variables, which are defined in the openiam-docker-compose/env.sh, should be reviewed and updated to align with your enviornment and deployment objectives. These MUST be done before running the deployment scripts. The env.sh file is sourced during the installation process and the export statements in this file are executed.

Environment variableDescription
LOGGING_LEVELThe logging level of OpenIAM modules. The values that can be specified are:
  • ERROR - shows messages about errors that prevent the application from running correctly and require intervention for fixing.
  • WARN - shows warning messages. These warnings are about potentially harmful situations.
  • INFO - informational messages about the progress of the application.
  • DEBUG - fine-grained informational messages that are useful for debugging the application.
  • TRACE - finer-grained informational messages than DEBUG that can be used to find one part of a function specifically.
In production environments, it is recommended that you specify the logging level as either WARN or ERROR. If you set the logging level as DEBUG, a lot of information is generated, which can lead to system overload and disk space issues.
OPENIAM_VERSION_NUMBERThe OpenIAM version that you wish to run. For OpenIAM 4.2.0.5, set this environment variable to 4.2.0.5
BUILD_ENVIRONMENTThe OpenIAM environment that you are pulling from Docker. Valid values are latest, dev, qa, and prod. By default, the build environment is set to prod.
REDIS_PASSWORDThe password that is used to communicate with Redis, the in-memory data structure store that is used as a database, cache, and message broker.

By default, it is set as export REDIS_PASSWORD="passwd00"
RABBITMQ_PASSWORDThis is the password that will be used to communicate with RabbitMQ.

By default, it is set as export RABBITMQ_PASSWORD="passwd00"
DB_ROOT_PASSWORDThe root password that is used to set up MySQL.
Note:This password stays internal to the MySQL Docker container to ensure security.

By default, it is set as export MYSQL_ROOT_PASSWORD="passwd00"
DB_TYPEThe database type to be used. Valid values are MariaDB, Posgres, MSSQL, and Oracle. By default, the database type is set to MariaDB.
LDAP_KEYSTORE_PASSWORDPassword of your keystore. The default value is changeit.
OPENIAM_DEFAULT_URIThe URL to which the application defaults when a user enters an unknown URL. By default, the URL is specified as /selfservice/.
SYS_LOG_HOSTThe Docker host server. This environment variable, along with the DOCKER_HOST_IP, allows redirecting syslogs from OpenIAM to the Docker host server.
DOCKER_HOST_IPThe IP address of the Docker host. This environment variable, along with the SYS_LOG_HOST, allows redirecting syslogs from OpenIAM to the Docker host server.

Use the OS command to get the IP address or set it manually. For example export DOCKER_HOST_IP=172.18.0.1 or export DOCKER_HOST_IP=$(ifconfig docker_gwbridge
REDISSON_TIMEOUTThe server response timeout in milliseconds. The default value for the response timeout is 5000 (set by export REDISSON_TIMEOUT="5000" in the file).
JDBC_OPENIAM_DB_USERThis is the username to the openiam database
JDBC_OPENIAM_DB_PASSWORDThis is the password to the opeiam database
JDBC_ACTIVITI_DB_USERThis is the username to the activiti database
JDBC_ACTIVITI_DB_PASSWORDThis is the password to the activiti database
OPENIAM_DATABASE_NAMEThe openiam database name
ACTIVITI_DATABASE_NAMEThe openiam database name
KEYSTORE_PSWDThis is the java keystore password
IAM_JKS_PASSWORDThe password encyrption key master password
IAM_JKS_KEY_PASSWORDThe password encryption key password
IAM_JKS_COOKIE_KEY_PASSWORDThe cookie key password
IAM_JKS_COMMON_KEY_PASSWORDThe common key password
VAULT_JKS_PASSWORDThe password of the Vault Certificate. See the Vault section for information about setting up the Vault Certificate