- 18 Nov 2024
- 10 Minutes to read
- Print
- DarkLight
Decisions Environment Variables
- Updated on 18 Nov 2024
- 10 Minutes to read
- Print
- DarkLight
Overview
Environment variables provide a way to configure and customize the behavior of applications inside containers. These variables align with the settings outlined in the Settings.xml file, encompassing tasks such as setting up a container's database connection or configuring HTTPS.
Decisions, when deployed in Containers, follow a pre-configured settings.xml file to deploy it successfully. Although users cannot directly modify the values in the settings.xml, they can override the properties by using environment variables.
Example YAML File
Refer to the following YAML file that includes all the required environment variables to host a container successfully.
version: "3.2"
services:
decisions-1:
container_name: Decisions_Test
image: "decisionscore/platform:latest" #navigate to https://hub.docker.com/r/decisionscore/platform/tags to find your prefered build
ports:
- "9092:80"
environment:
- DECISIONS_DATABASETYPE=MSSQL
- DECISIONS_DATABASECONNECTSTRING=Data Source=[systemIP];Initial Catalog=11_07;Integrated Security=false;User ID=[user];Password=[password];
- DECISIONS_PORTALBASEURL=http://localhost:9092 #your application host URL. This could also be a FQDN.
- DECISIONS_ENVIRONMENTNAME=Decisions_Test #give a unique environment name if container is in cluster
- DECISIONS_ADMINISTRATOR_EMAIL=roy@decisions.com #admin account to login
- DECISIONS_ADMINISTRATOR_PASSWORD= Roy@123 #password for your admin account
- LANG=en_US.UTF-8
- LANGUAGE=en_US:en
- LC_ALL=en_US.UTF-8
- DECISIONS_LICENSECOMPANYID=119eb5-17a8-11e6-xxx-xxx #connect with support@decisions.com for your company ID
- DECISIONS_LICENSECOMPANYNAME=Decisions #connect with support@decisions.com for your Company Name
- DECISIONS_LICENSECONTACTEMAIL=john@email.com #email address to receive the License Request Details
- DECISIONS_LICENSETYPE=EnterpriseNonProduction #License type can be EnterpriseNonProduction, EnterpriseProduction, StandardProduction, StandardNonProduction, Repository, or DisasterRecovery.
volumes:
#Volume Mount creation on a local install, Cloud deployed container will be different. Format is [host computer file path]:[file path from inside the container you want to map on the host]
- [PhysicalFilePath]:/opt/decisions/data
Required Environment Variables
To successfully host a container instance, the following environment variables are necessary.
Note: To configure the Container as required, refer to the later sections in the article.
Environment Variable | Description | Example Value |
---|---|---|
DECISIONS_DATABASETYPE | Configures what type of database the Container uses. For more information, refer to Database Server and Configuration. | MSSQL / POSTGRES / AZURE |
DECISIONS_DATABASECONNECTSTRING | Configures the Container's connection to its database. | Data Source=[systemIP];Initial Catalog=11_07;Integrated Security=false;User ID=[user];Password=[password]; |
DECISIONS_ADMINISTRATOR_EMAIL | Allows the creation of an administrator account that will be used to log in to the Portal after completing the hosting process. Note: This email address will be set as the default email address for sending notification emails. This default email address can be modified in the Portal settings. | roy@decisions.com |
DECISIONS_ADMINISTRATOR_PASSWORD | Provide the password to the admin email. | -- |
DECISIONS_PORTALBASEURL | This sets up the URL of the Container, which may include the Fully Qualified Domain Address (FQDA). | https://decisions.com/ |
Additional Environment Variables
The following section demonstrates the additional and optional environment variables users might need to configure based on their application's use case.
Securing Decisions Container Environment
To enhance the security of a Decisions Environment within containers, users have the option to incorporate various environment variables, including HTTPS, ForceBaseURI, and many more. For more information, refer to Securing Decisions Container Environment.
Changing the default file storage location
The default file storage location of the Decisions Container is at /opt/decisions/data
. Users can use the following variable to change the default location.
Environment Variable | Description | Example Value |
---|---|---|
DECISIONS_FILESTORAGELOCATION | Configures location to allow containers to preserve data. Since containers are Linux-based, paths for the file storage will be case-sensitive. Users must volume map the new storage location with the physical file path to ensure it is persistent. | [PhysicalFilePath]:[FileStorageLocation] Refer to the above example YAML file for volume mapping. |
Licensing
The following variables are used to License the Decisions environment. Without a License, users cannot log into the containerized environment. For more information, refer to Decisions License.
Environment Variable | Description | Example Value |
---|---|---|
DECISIONS_LICENSECOMPANYID | Enter the license ID for the Container's instance. | xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx |
DECISIONS_LICENSECOMPANYNAME | Enter the company name attached to the license's ID. | Decisions |
DECISIONS_LICENSECONTACTEMAIL | Enter a contact email for the provided license. | example@email.com |
DECISIONS_ENVIRONMENTNAME | Enter the name of the Container to license. This can be specified during container creation or afterward. | TestingEnvironment |
DECISIONS_LICENSETYPE | Enter the license type of the Container. This will likely be either 'Enterprise Production' or 'EnterpriseNonProduction'. | EnterpriseProduction |
Clustering
The following optional environment variables are required to set up a clustered environment.
Environment Variable | Description | Example Value |
---|---|---|
DECISIONS_CLUSTERING_TURNONCLUSTERING | Toggles whether the containers support clustering. | true |
DECISIONS_CLUSTERING_REDISBASEURL | Prompts for the Redis URL of the Redis server. | localhost:6379 |
DECISIONS_CAN_BE_JOB_SERVER | Toggles whether the server can be a job server. Ensure to mark it True when running the servers in clustering. For more information, refer to Setting the Primary Job Server for a Cluster. | true |
Integration
The following optional variables allow users to configure Integration settings within the Portal.
For more information, refer to Integration Settings and How to Set Up and Use JWT.
Environment Variable | Description | Example Value |
---|---|---|
DECISIONS_INTEGRATION_ USEASYMMETRICKEY | Enables the Container to use the Public Key for JSON Web Token (JWT). | true |
DECISIONS_INTEGRATION_JWTSECRETKEY | Enter the Secret Key for the JSON Web Token (JWT) | -- |
DECISIONS_INTEGRATION_JWTPUBLICKEY | Enter the Public Key for the JSON Web Token (JWT) | -- |
Azure Logging
The following environment variables can be used to configure the Azure Log Analytics.
Environment Variable | Description | Example Value |
---|---|---|
DECISIONS_LOG_AZURE_WORKSPACE_ID | Required for log analytics. Enter the Workspace ID of the Log Analytics workspace. | -- |
DECISIONS_LOG_AZURE_AUTHENTICATION_ID | Required for log analytics. Enter the Authentication ID of the Log Analytics workspace. | -- |
AWS Logging and IAM credentials
The following optional environment variables are recommended for Setting up AWS Cloudwatch Logging.
Environment Variable | Description | Example Value |
---|---|---|
DECISIONS_LOG_AWS_REGION | Enter the address of the Cloudwatch region. | -- |
DECISIONS_LOG_AWS_LOG_GROUP_PATH | Enter the log path. | -- |
AWS_ACCESS_KEY_ID | Enter the Access Key ID for the IAM Role. | -- |
AWS_SECRET_ACCESS_KEY | Enter the Secret Access Key for the IAM Role. | -- |
Settings.xml and their corresponding Environment Variable
In Settings.xml, we modify the values between the tags to adjust the server settings. However, to configure the same settings in containers, we need to follow a naming convention: DECISIONS_<SettingName>=<Value of the setting>.
Setting from Settings.xml | Environment Variable | Description | Default Value |
---|---|---|---|
HideSystemValidationWarning | DECISIONS_HIDESYSTEMVALIDATIONWARNING | Controls whether warnings from system validation are hidden. | false |
DynamicLocalModuleLoading | DECISIONS_DYNAMICLOCALMODULELOADING | Toggles loading local module libraries and their functions into memory. | true |
MaxWritableSizeInBytes | DECISIONS_MAXWRITABLESIZEINBYTES | Specifies the maximum size, in bytes, for writable operations. 'MaxWritableSizeInBytes' is set to -1, which suggests that there is no maximum size imposed on writable operations | -1 |
NoLockReads | DECISIONS_NOLOCKREAD | Toggles No Lock allows SQL to read data without regard to locks and other blockers. | false |
OptimizeDataMemberAccess | DECISIONS_OPTIMIZEMEMBERACCESS | Controls optimization of data member access. | false |
NumberOfExclusiveApiThreads | DECISIONS_NUMBEROFEXCLUSIVEAPITHREADS | Number of exclusive API threads. | 1 |
HideCreatedByOnImport | DECISIONS_HIDECREATEDBYONIMPORT | Determines whether to hide the 'created by' information on import. | true |
MaintenanceMode | DECISIONS_MAINTENANCEMODE | Toggles setting the server into Maintenance Mode. Any jobs will pause, and only Administrators can log in until this is turned off. For more information refer to Maintenance Mode. | false |
DefaultExpireDays | DECISIONS_DEFAULTEXPIREDAYS | 7 | |
ShareAccountSessions | DECISIONS_SHAREACCOUNTSESSIONS | false | |
ShowUnhandledExceptionDialog | DECISIONS_SHOWUNHANDLEDEXCEPTIONDIALOG | Toggles display an error window when catching an unhandled exception. | false |
ClientStorageQuota | DECISIONS_CLIENTSTORAGEQUOTA | Specifies the client storage quota, limiting the amount of data stored on the client side. | 1 |
UserIdCaseSensitive | DECISIONS_USERIDCASESENSITIVE | Toggles case sensitivity for username during login. | false |
LogFileMaxSize | DECISIONS_LOGFILEMAXSIZE | Prompts for the maximum size of a log file. A log that exceeds this size then rolls over into a new file. | 10485760 |
LogMaxBackups | DECISIONS_LOGMAXBACKUPS | Prompts for the maximum number of log files to keep. | 10 |
UseTimeZoneTranslation | DECISIONS_USETIMEZONETRANSLATION | Toggles time zone translation | false |
EnvironmentName | DECISIONS_ENVIRONMENTNAME | Prompts for the environment name of the installed instance. This will often match the license. | Production |
LogSqlStatements TakingMoreThanSeconds | DECISIONS_LOGSQLSTATEMENTSTAKINGMORETHANSECONDS | Configures the system to log SQL statements that take more than a specified execution time. | 5 |
OutputSQLProfileLog | DECISIONS_OUTPUTSQLPROFILELOG | This variable activates the output of SQL profile logs. SQL profiling provides detailed insights into the execution of SQL queries | false |
LogAPICallsTaking MoreThanSeconds | DECISIONS_LOGAPICALLSTAKINGMORETHANSECONDS | Logs API calls that take more than a specified time to complete | 5 |
LogFlowStepsTaking MoreThanMilliseconds | DECISIONS_LOGFLOWSTEPSTAKINGMORETHANMILLISECONDS | Logs Flow steps that take more than a specified time (in milliseconds) to execute | 1000 |
IgnoreAllCertificateErrors | DECISIONS_IGNOREALLCERTIFICATEERRORS | Toggles respecting certificate errors such as trust errors from self-signed licenses. | false |
LaunchDebugger OnUnitTestFail | DECISIONS_LAUNCHDEBUGGERONUNITTESTFAIL | Toggles initializing the Debugger upon unit test failure | false |
DatabaseConnectString | DECISIONS_DATABASECONNECTSTRING | Configures the Container's connection to its database. A few example connection string has been listed at the end of the table. | |
InstanceDatabase ConnectionStringTemplate | DECISIONS_INSTANCEDATABASECONNECTIONSTRINGTEMPLATE | Provides a template for instance-specific database connection strings. This allows for dynamic configuration of database connections based on specific instances or deployments of the Decisions platform. | -- |
DefaultDatabaseQueryTimeout | DECISIONS_DEFAULTDATABASEQUERYTIMEOUT | Prompts for a time duration for database queries that, if exceeded, will automatically fail. | 60 |
Secondary DatabaseConnectString | DECISIONS_SECONDARYDATABASECONNECTSTRING | Specifies the connection string for the secondary database. In environments with multiple databases, this variable enables the configuration of a secondary database for specific purposes, such as redundancy or failover. | |
DataBaseType | DECISIONS_DATABASETYPE | Configures what type of database the Container uses. For more information, refer to Database Server and Configuration. | MSSQL/ POSTGRES/ AZURE |
WatcherSocketPort | DECISIONS_WATCHERSOCKETPORT | Sets the port for the watcher socket. The watcher socket facilitates communication and coordination between different components of the Decisions system, and configuring the port allows for proper network communication. | 20999 |
PortalBaseUrl | DECISIONS_PORTALBASEURL | Configures the URL of the Container consisting of the domain name and its port. | -- |
ClusterAddressableIP | DECISIONS_CLUSTERADDRESSABLEIP | Prompts for IP addresses to allow cluster server connections. If blank, then the server is not clustered. | -- |
ClusterPortalBaseUrl | DECISIONS_CLUSTERPORTALBASEURL | Prompts for the Portal base URL of the clustered environment. This should match the Instance URL generated from the Control instance's Add Instance window. If blank, then the server is not clustered. For more information, refer to Setting Up A Cluster. | -- |
ServerAdministratorEmail | DECISIONS_SERVERADMINISTRATOREMAIL | Prompts for which email will be contacted by actions such as Send Logs to Support and Send Notification to Server Admin. | support@ decisions.com |
ServerType | DECISIONS_SERVERTYPE | Determines the Container's server type. Without this variable, containers are installed as a standard Application server. |
|
ControlInstanceURL | DECISIONS_CONTROLINSTANCEURL | Prompts for the control instance URL in multi-tenancy environments. | https://decisions-control-instance/ |
InstanceAuthenticationKey | DECISIONS_INSTANCEAUTHENTICATIONKEY | Prompts for the instance Authorization Key. | -- |
DeploymentLockEnabled | DECISIONS_DEPLOYMENTLOCKENABLED | Toggles block users from creating or modifying any Designer Elements in the server. | false |
ByPassSmtpServer | DECISIONS_MAIL_BYPASSSMTPSERVER | Toggles bypassing below SMTP settings instead of using direct mail. It is not recommended to set it to True unless for testing purposes. Refer to the Email and SMTP in Decisions article for further information. | true |
ServerAddress | DECISIONS_MAIL_SMTPSERVER_SERVERADDRESS | Enter the domain name of the SMTP service. | -- |
Port | DECISIONS_MAIL_SMTPSERVER_PORT | Enter the port number of the SMTP server. | 25 |
RequiresAuthentication | DECISIONS_MAIL_SMTPSERVER_REQUIRESAUTHENTICATION | Toggles if authentication is necessary to log in to the SMTP server. | false |
Username | DECISIONS_MAIL_SMTPSERVER_USERNAME | Enter the username of the SMTP server. | -- |
Password | DECISIONS_MAIL_SMTPSERVER_PASSWORD | Enter the password for the specified user. | -- |
UseSSL | DECISIONS_MAIL_SMTPSERVER_USESSL | Toggles secure socket layer (SSL) encryption on SMTP mail. | false |
UseImplicitSSL | DECISIONS_MAIL_SMTPSERVER_USEIMPLICITSSL | -- | |
SkipCertificateRevocationCheck | DECISIONS_MAIL_SMTPSERVER_SKIPCERTIFICATEREVOCATIONCHECK | false | |
PushMode | DECISIONS_PUSHMODE | Enabled | |
ServerName | DECISIONS_SERVERNAME | Specifies the name of the Decisions server. This information is crucial for identification and management purposes in networked or distributed environments. | -- |
SplitInstancesToProcesses | DECISIONS_SPLITINSTANCESTOPROCESSES | true | |
RestartStoppedInstances | DECISIONS_RESTARTSTOPPEDINSTANCES | If set to true, enables the automatic restart of stopped instances. Automatic restart helps maintain continuous availability and responsiveness. | true |
ServerHeart BeatIntervalInSeconds | DECISIONS_SERVERHEARTBEATINTERVALINSECONDS | Configuring this interval influences the frequency of these health-check signals. | 5 |
SendWakeUpUsingOneWayCall | DECISIONS_SENDWAKEUPUSINGONEWAYCALL | false | |
UseLuceneFullTextSearch | DECISIONS_USELUCENEFULLTEXTSEARCH | If set to true, enables the use of Lucene for full-text search capabilities. Lucene is a powerful search engine library, and activating this variable enhances the platform's ability to perform efficient full-text searches. | false |
SplashScreenText | DECISIONS_SPLASHSCREENTEXT | Prompts for text to display when the Portal loads/reloads. | Decisions OS is Loading. . . |
ProductTitle | DECISIONS_PRODUCTTITLE | Sets the title or name associated with the product | -- |
FileStorageLocation | DECISIONS_FILESTORAGELOCATION | Configures location to allow containers to preserve data. Since containers are Linux-based, paths for the file storage will be case-sensitive. Users must volume map the default value with the physical file storage location to ensure it is persistent. | /opt/decisions/data |
LogCheckFieldTypes | DECISIONS_LOGCHECKFIELDTYPES | If set to true, activates the logging of field types during checks. | false |
EnableSingleSignOn | DECISIONS_ENABLESINGLESIGNON | Toggles enable single-sign-on (SSO) for user logins for added security to the Container. | false |
AsyncCheckPeriod | DECISIONS_ASYNCCHECKPERIOD | 2000 | |
AsyncNumChecks | DECISIONS_ASYNNUMCHECKS | 7 | |
AutoStartProfiler | DECISIONS_AUTOSTARTPROFILER | Toggles automatically start the Profiler to capture the session. | true |
Recoverable PasswordEncryptionType | DECISIONS_RECOVERABLEPASSWORDENCRYPTIONTYPE | Sets the encryption type for recoverable passwords, such as DES. | DES |
PasswordHashEncryptionType | DECISIONS_PASSWORDHASHENCRYPTIONTYPE | Specifies the encryption algorithm used for hashing passwords within the Decisions system. | SHA256 |
AllowedIPAddresses | DECISIONS_ALLOWEDIPADDRESSES | Permitted client IP addresses to access the server. | |
DeniedIPAddresses | DECISIONS_DENIEDIPADDRESSES | IP addresses to block access to the Decisions server. | |
InstanceName | DECISIONS_INSTANCENAME | Defines the name of the installed server instance referenced in the connection string, e.g., "localhost:80/Primary/" | Primary |
LoginPageAllowedIPs | DECISIONS_LOGINPAGEALLOWEDIPS | Permitted IP addresses for users to log in to the server. | |
ORMSaveByMerge | DECISIONS_ORMSAVEBYMERGE | Flags whether the Object-Relational Mapping (ORM) system should save data by merging changes. | true |
SkipEnforceDBExistsStep | DECISIONS_SKIPENFORCEDBEXISTSSTEP | When set to true, this variable instructs the server to skip enforcing the existence of the database during certain steps. This can be useful in scenarios where the database structure is managed externally or dynamically. | false |
UsePrototypeInstance | DECISIONS_USEPROTOTYPEINSTANCE | Toggles using a template instance. Mainly used for multitenant environments. | true |
FullTextSearch | DECISIONS_FULLTEXTSEARCH | Defines the status of full-text search within the platform, specifying whether it is enabled or disabled. Full-text search enhances the search capabilities, allowing for more comprehensive and efficient searching of textual data. | Enabled |
HideDetailedErrorMessages | DECISIONS_HIDEDETAILEDERRORMESSAGES | Controls whether detailed error messages are hidden. | false |
InterServer CommunicationMode | DECISIONS_INTERSERVERCOMMUNICATIONMODE | Specifies the mode of communication between servers, such as using HTTP. This variable influences the underlying communication protocols employed for inter-server interactions. | http |
CaptureAspNetLogs | DECISIONS_CAPTUREASPNETLOGS | Toggles capturing HTTP requests and responses in a log file saved under /Logs/Asp.NET Core with the prefix "w3clog." | false |
AspNetLogsFileCountLimit | DECISIONS_ASPNETLOGSFILECOUNTLIMIT | Allows to configure the maximum number of ASP NET logs to store. Newer logs will override the oldest logs | 30 |
AspNetLogsFileSizeLimit | DECISIONS_ASPNETLOGSFILESIZELIMIT | Allows to configure the maximum size of an ASP NET log file. A log that exceeds this size then rolls over into a new file. | 104857600 |
CaptureW3CLogs | DECISIONS_CAPTUREW3CLOGS | Toggles capturing W3C logs in the log file | false |
ServiceAccountPassword | DECISIONS_SERVICEACCOUNTPASSWORD | ||
DefaultSameSiteCookieMode | DECISIONS_DEFAULTSAMESITECOOKIEMODE | Allows selection of the cookie behavior for the server. SameSite attributes control how cookies are sent with cross-site requests, impacting security and privacy aspects. | Lax |
ForceBaseURI | DECISIONS_FORCEBASEURI | This environment variable must be used if SSL terminates at the Load Balancer. | |
AllowProxyFrom | DECISIONS_ALLOWPROXYFROM | Toggles permitting proxy headers | false |
HttpPort | DECISIONS_HTTPPORT | These variables allow the application to run on designated ports within the containers. By doing so, users can map the Container's port to a particular port on the host machine, facilitating access to the application running inside the Container from the host's network. | 80 |
HttpsPort | DECISIONS_HTTPSPORT | 443 | |
ProxyFromWhiteList | DECISIONS_PROXYFROMWHITELIST | This setting is a comma-separated list of "protocol://host" values that make up a whitelist. The whitelist defines the addresses (protocols and hosts) the platform allows proxying. If this list is empty and AllowProxyFrom is set to true, it allows proxying from any source. | |
CustomHeaders | DECISIONS_CUSTOMHEADERS | For Custom Headers, users need to set the value of the DECISIONS_CUSTOMHEADERS in a JSON String format. This JSON String gets automatically deserialized and converted in XML format in Settings.xml. Example: [{"Name": "X-Frame-Options", "Value": "SAMEORIGIN"}] | [{"Name": "X-Frame-Options", "Value": "SAMEORIGIN"}] |
ApplicationName | DECISIONS_APPLICATIONNAME | Prompts for a name that any created cookies can use. | Decisions |
DisableAutoSSO SignInParameter | DECISIONS_DISABLEAUTOSSOSIGNINPARAMETER | When set to true, this variable disables the automatic inclusion of Single Sign-On (SSO) parameters during sign-in. This can be relevant for scenarios where custom handling of SSO parameters is required. | false |
HttpsCerificateLocation | DECISIONS_HTTPSCERIFICATELOCATION | Specifies the location of the HTTPS certificate used for securing communications over HTTPS | PhysicalFilePath |
CertificateThumbPrint | DECISIONS_CERTIFICATETHUMBPRINT | Prompts for certificate thumbprint of SSL certificate when using the certificate store option. | |
InstanceAuthenticationKey | DECISIONS_INSTANCEAUTHENTICATIONKEY | Prompts for the authentication key are generated from a Control instance's Add Instance window. | |
ObfuscateSessionIdInLogs | DECISIONS_OBFUSCATESESSIONIDINLOGS | When set to true, this variable instructs the system to obfuscate session IDs in logs. | false |
AllowedFileAccessPaths | DECISIONS_ALLOWEDFILEACCESSPATHS | Allows to specify File Paths to which the Decisions Server can write files. The primary purpose of this setting is to prevent File Path Traversal. This setting should be used if users get an error "{FilePath} is outside the allowed directory paths. | |
EnableHttp | DECISIONS_ENABLEHTTP | The Decisions application running inside a container listens to ports 80 and 443 by default, and these variables toggle the use of the default web traffic ports for connections to the server. Note: Either HTTP or HTTPS must be marked True to access the application. | true |
EnableHttps | DECISIONS_ENABLEHTTPS | false | |
HttpsCertificatePath | DECISIONS_HTTPSCERTIFICATEPATH | Enter the file path where the Container's certificate resides. This searches C:\Docker by default. Enter the certificate name at the end. | |
HttpsCertificatePassword | DECISIONS_HTTPSCERTIFICATEPASSWORD | Use this variable if the SSL certificate is password protected. | |
EnableHttpToHttpsRedirection | DECISIONS_ENABLEHTTPTOHTTPSREDIRECTION | This setting will redirect the connection from HTTP to HTTPS. | false |