-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
improved formatting and variable descriptions
- Loading branch information
Showing
1 changed file
with
48 additions
and
15 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,15 +1,48 @@ | ||
| Variables: | ||
|
|
||
| ${HTTPS\_SERVER\_NAME\_PORT} - example: localhost:8443 | ||
| ${APP\_SERVER\_IP} - example: 172.28.1.3 | ||
| ${SSL\_CERTIFICATE\_FILE} - to set apache config param `SSLCertificateFile` | ||
| ${SSL\_CERTIFICATE\_KEY\_FILE} - to set apache config param `SSLCertificateKeyFile` | ||
| ${SSL\_CERTIFICATE\_CHAIN\_FILE} - to set apache config param `SSLCertificateChainFile` (optional environment variable) | ||
| ${SSL\_CA\_CERTIFICATE\_FILE} - to set apache config param `SSLCACertificateFile` | ||
| ${SSL\_CA\_DN\_REQUEST\_FILE} - to set apache config param `SSLCADNRequestFile` (optional environment variable) | ||
| ${SSL\_VERIFY\_CLIENT} - to set apache config param `SSLVerifyClient `, default value `require`, set to `optional` when using OIDC authentication | ||
| ${PROXY\_PASS\_TIMEOUT\_HTTP} - timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply, default: `60` seconds | ||
| ${PROXY\_PASS\_TIMEOUT\_WS} - timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply, default: `60` seconds | ||
| ${PROXY\_PASS\_CONNECTION\_TIMEOUT\_HTTP} - connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established, default: `30` seconds | ||
| ${PROXY\_PASS\_CONNECTION\_TIMEOUT\_WS} - connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established, default: `30` seconds | ||
| ${SERVER\_CONTEXT\_PATH} - reverse proxy context path that delegates to the app server, `/` character at start, no `/` character at end, default: `/fhir` | ||
| # Environment Variables | ||
|
|
||
| **HTTPS_SERVER_NAME_PORT** | ||
| Description: Server hostname and port. | ||
| Example: localhost:8443 | ||
|
|
||
| **APP_SERVER_IP** | ||
| Description: Reverse proxy target. | ||
| Example: 172.28.1.3 | ||
|
|
||
| **SSL_CERTIFICATE_FILE** | ||
| Description: To set apache config param `SSLCertificateFile`, with the server certificate private key. | ||
|
|
||
| **SSL_CERTIFICATE_KEY_FILE** | ||
| Description: To set apache config param `SSLCertificateKeyFile`, with the server certificate (and ca chain except root). | ||
|
|
||
| **SSL_CERTIFICATE_CHAIN_FILE** | ||
| Description: To set apache config param `SSLCertificateChainFile`, with the server certificate ca chain for (excluding the root CA), can be used if CA chain is not included in **SSL_CERTIFICATE_FILE**. | ||
|
|
||
| **SSL_CA_CERTIFICATE_FILE** | ||
| Description: To set apache config param `SSLCACertificateFile`, with the trusted full CA chains for validating client certificates. | ||
|
|
||
| **SSL_CA_DN_REQUEST_FILE** | ||
| Description: To set apache config param `SSLCADNRequestFile` with client certificate signing CAs to modify the "Acceptable client certificate CA names" send to the client. | ||
| Default: All CAs from **SSL_CA_DN_REQUEST_FILE** if not set. | ||
|
|
||
| **SSL_VERIFY_CLIENT** | ||
| Description: To set apache config param `SSLVerifyClient `, default value `require`, set to `optional` when using OIDC authentication. | ||
|
|
||
| **PROXY_PASS_TIMEOUT_HTTP** | ||
| Description: timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply. | ||
| Default: `60` seconds | ||
|
|
||
| **PROXY_PASS_TIMEOUT_WS** | ||
| Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply. | ||
| Default: `60` seconds | ||
|
|
||
| **PROXY_PASS_CONNECTION_TIMEOUT_HTTP** | ||
| Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established. | ||
| Default: `30` seconds | ||
|
|
||
| **PROXY_PASS_CONNECTION_TIMEOUT_WS** | ||
| Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established. | ||
| Default: `30` seconds | ||
|
|
||
| **SERVER_CONTEXT_PATH** | ||
| Description: Reverse proxy context path that delegates to the app server, `/` character at start, no `/` character at end, use `''` (empty string) to configure root as context path. | ||
| Default: `/fhir` |