Configuration

This page offers an overview of all the environment variables you’ll need to specify in the .env configuration file.

Cawemo

Environment Variable Example Value Description
SERVER_URL https://cawemo.example.com URL at which users will access Cawemo. Please use the domain root.
Internally, the traffic has to be proxied to the cawemo-webapp container (port 8080).
SERVER_HOST cawemo.example.com Host part of SERVER_URL
SERVER_HTTP_COMPRESSION_ENABLED true Enable HTTP response compression. By default, responses must be at least 2048 bytes in length for compression to be performed. You can configure this behavior by setting the SERVER_HTTP_COMPRESSION_MIN_RESPONSE_SIZE_BYTES property.
Set this to false if Cawemo is running behind a component that already compresses responses.
SERVER_HTTP_COMPRESSION_MIN_RESPONSE_SIZE_BYTES 2048 Minimum size of HTTP responses in bytes for compression to take effect.
SERVER_HTTPS_ONLY true Enforce the usage of HTTPS when users access Cawemo in the browser
SERVER_SESSION_COOKIE_SECRET **** A unique secret of at least 32 characters used to sign Cawemo session cookies.
If left blank, a random value will be generated automatically by the startup script.
DB_HOST postgres.example.com Host name of the PostgreSQL instance
DB_PORT 5432 Database port
DB_NAME cawemo Database name for Cawemo. Please use separate databases for Cawemo and Camunda Account.
DB_USER cawemo Database user
DB_PASSWORD **** Database password
SMTP_HOST mail.example.com Host name of the SMTP server used by both Cawemo and Camunda Account
SMTP_PORT 587 SMTP server port
SMTP_USER user SMTP user
SMTP_PASSWORD **** SMTP password
SMTP_ENABLE_TLS true Enable or disable TLS encryption for SMTP connections
SMTP_FROM_ADDRESS cawemo@example.com E-mail address that will be displayed as the sender of e-mails sent by Cawemo and Camunda Account
SMTP_FROM_NAME Cawemo Name that will be displayed as the sender of e-mails sent by Cawemo and Camunda Account
BROWSER_WEBSOCKET_HOST ws.example.com Name of the host on which the browser will access the Cawemo WebSockets server.
Internally, the traffic has to be proxied to the cawemo-websockets container (port 8060).
BROWSER_WEBSOCKET_PORT 443 Port number on which the browser will access the Cawemo WebSockets server
BROWSER_WEBSOCKET_FORCETLS true Enable or disable TLS encryption for WebSocket connections initiated by the browser
WEBSOCKET_SECRET **** A unique secret of at least 32 characters used by Cawemo's webapp and restapi modules to authenticate to the WebSockets server.
If left blank, a random value will be generated automatically by the startup script.
THEME_COLOR_PRIMARY #2875cc HTML color code used for buttons and hyperlinks in e-mails sent by Cawemo
HOST_LICENSE_FILE_PATH ./../configuration/license-key.txt Path to the license key file

Camunda Account

Environment Variable Example Value Description
IAM_BASE_URL https://iam.example.com URL at which users will access Camunda Account. Please note that it must be different from Cawemo's SERVER_URL.
Internally, the traffic has to be proxied to the iam-router container (port 8090).
IAM_TOKEN_SIGNING_KEY **** A 4096 bits RSA private key in JSON Web Key (JWK) format. It will be used to sign the access tokens issued by Camunda Account.
If left blank, a JWK will be generated automatically by the startup script.1)
CLIENT_SECRET **** A unique secret of at least 32 characters used by Cawemo to authenticate to Camunda Account.
If left blank, a random value will be generated automatically by the startup script.
IAM_DB_HOST postgres.example.com Host name of the PostgreSQL instance
IAM_DB_PORT 5432 Database port
IAM_DB_NAME iam Database name for Camunda Account. Please use separate databases for Cawemo and Camunda Account.
IAM_DB_USER iam Database user
IAM_DB_PASSWORD **** Database password
IAM_DATABASE_ENCRYPTION_KEY **** A unique secret of 32 characters used to encrypt client secrets in the Camunda Account database.
If left blank, a random value will be generated automatically by the startup script.
LDAP_ENABLED false Enable or disable LDAP integration2)

Notes

1) If you’d like to generate the JWK yourself, please use the following command:

docker run --rm -t \
  registry.camunda.cloud/iam-ee/iam-utility:v1.1.6 \
  yarn run generate-jwk

2) Please refer to the LDAP configuration options for the additional environment variables that will be required if you enable the LDAP integration.

On this Page: