This article only applies to FOSSA on-prem users (i.e. you are running a FOSSA appliance behind your firewall). Contact support if you need help installing or configuring FOSSA.
These are environment variables you can pass when booting the FOSSA instance to configure behavior.
secret
- unique 64-character HEX string used to protect data throughout your app
app__hostname
- hostname, defaults to localhost
app__port
- fossa access port, defaults to 9578
app__bind_port
- (Optional) fossa server bind port, defaults to app_port
but can be used if access port is different than bind (i.e. ssl proxy or load balancer)
Postgres connection info
db__host
db__port
db__username
db__password
db__database
- defaults to fossa
app__redirect_server__enabled
app__redirect_server__port
app__server__type
- defaults to http
app__server__key
- note, these refer to paths mounted in the container. Deploy to certs on the host machine to /fossa/public/data/crt.key
and configure FOSSA with /fossa/public/data/crt.key
app__server__cert
app__password_reset_timeout
- time in seconds for password reset tokens to time out
app__access
- access code for users to register, replaces team joining selector
app__disable_terms
- defaults to false, disables terms of service on registration if enabled
logging__dir
- log dir; note /fossa/public/data
is mounted in container
github__enabled
github__version
- API version, defaults to 3.0.0
github__base_url
- Defaults to api.github.com
, point this to your internal GitHub Enterprise (GHE) instance if you have one.
github__credentials__oauth2__client_id
- Create a custom FOSSA OAuth app in GH or GHE and fill in these fields
github__credentials__oauth2__client_secret
github__credentials__oauth2__callback
github__timeout
github__headers__{header_name}
bitbucket_server__enabled
bitbucket_server__base_url
bitbucket_server__credentials__oauth2__client_id
bitbucket_server__credentials__oauth2__client_secret
bitbucket_server__credentials__oauth2__private_key
bitbucket_server__credentials__basic__username
bitbucket_server__credentials__basic__password
jira__enabled
jira__base_url
jira__credentials__oauth2__client_id
jira__credentials__oauth2__client_secret
jira__credentials__oauth2__private_key
jira__credentials__basic__username
jira__credentials__basic__password
slack__enabled
slack__credentials__oauth2__client_id
slack__credentials__oauth2__client_secret
slack__credentials__oauth2__private_key
fetchers__npm__registry
- URL to npm registry endpoint
npmE or newer registries which support auth_token
fetchers__npm__auth_token
- auth token generated by npm after npm login, found in .npmrc
Artifactory or older registries with legacy auth
fetchers__npm__auth__email
fetchers__npm__auth__token
- _auth
parameter in .npmrc
fetchers__npm__auth__username
cocoapods_api__enabled
cocoapods_api__protocol
cocoapods_api__hostname
- defaults to localhost
cocoapods_api__port
Servers is an array of servers that have id
, registry
, username
, and password
. In the variables listed below, n
is the index of the array servers array.
fetchers__mvn__servers__n__id
fetchers__mvn__servers__n__registry
fetchers__mvn__servers__n__username
fetchers__mvn__servers__n__password
This config enables code browsing.
cache__package__engine
- set to file
(default) or s3
cache__package__store_private
- defaults to false, meaning cache will ignore private or auth'd packages
Caching with s3 is the preferred method, where you can defined your own security and access features:
cache__package__bucket
- which s3 bucket is used for cache
cache__package__s3Options__accessKeyId
- (optional) access key ID for s3 user/bucket
cache__package__s3Options__secretAccessKey
- (optional) secret key for s3 user/bucket
By default FOSSA will fall back to file caching on the node, but this isn't secured or the most reliable option.
cache__package__root
- root directory to cache in the container, usually you don't want to touch this
cache__package__maxSize
- max size in bytes for total cache directory (defaults to 750MB)
cache__package__maxPackageSize
- max size in bytes for each package (defaults to 15MB)
You can disable caching by setting the engine to file
and cache__package__maxSize
to 0