
Configuration

Prisme.ai services can be configured through various environment variables.
In a docker setup, you can tune these variables inside the root docker-compose.yml file (docker-compose configuration).

In a developer setup, you can create a services/*/.env file containing key/value pairs as follows:

WORKSPACES_STORAGE_TYPE=S3_LIKE
WORKSPACES_STORAGE_S3_LIKE_BUCKET_NAME=someBucketName
...
Then, if you want to run this service directly from its Docker image, you can also add an env_file option to its services/*/docker-compose.yml file:
  console:
    entrypoint: npm start  --prefix services/console
    restart: on-failure
    image: registry.gitlab.com/prisme.ai/prisme.ai/prisme.ai-console:latest
    ports:
      - '3000:3000'
    env_file: ./.env

Environment variables

Note 1 : Some variable default values might change depending on the selected start mode (Docker or Developer), especially URL-related ones
Note 2 : Relative paths start from the executing service directory

| Name | Service | Description | Default value |
|---|---|---|---|
| BROKER_HOST | All services | Redis broker URL (must be the same across services) | redis://localhost:6379/0 |
| BROKER_PASSWORD | All services | Redis broker password |  |
| BROKER_NAMESPACE | All services | Optional namespace to segment events in case the same database instance is shared by multiple platforms |  |
| BROKER_TOPIC_MAXLEN | All services | Redis streams max length before getting truncated (See Capped Streams) | 10000 |
| BROKER_EMIT_MAXLEN | All services | Maximum size (in bytes) of emitted events | 100000 |
| PERMISSIONS_STORAGE_HOST | All services | MongoDB URL for permissions storage (must be the same for both workspaces & events) | mongodb://localhost:27017/permissions |
| OPENAPI_FILEPATH | All services | Requests & events validation swagger filepath | ../specifications/swagger.yml |
| GATEWAY_API_HOST | api-gateway, workspaces | api-gateway internal URL for internal requests (i.e contact fetching) | http://localhost:3001/v2 |
| API_URL | console, pages, api-gateway, runtime | api-gateway public URL | http://studio.local.prisme.ai:3001/v2 |
| CONSOLE_URL | api-gateway, console, pages | Studio URL, used for emails & auth redirections | http://studio.local.prisme.ai:3000 |
| PAGES_HOST | api-gateway, console, pages | Pages base domain starting with a '.', workspace slug will be prefixed as a subdomain. Used for pages builder & pages sign in redirection from api gateway | .pages.local.prisme.ai:3100 |
| OIDC_PROVIDER_URL | api-gateway, pages, console, runtime | OIDC Authorization server URL | API_URL env var, without any base path |
| OIDC_STUDIO_CLIENT_ID | api-gateway, console | Studio OIDC client id | local-client-id |
| OIDC_STUDIO_CLIENT_SECRET | api-gateway | Studio OIDC client secret, only known by api-gateway | local-client-id |
| OIDC_CLIENT_REGISTRATION_TOKEN | api-gateway | Access token required for OIDC clients registration API | local-client-id |
| OIDC_WELL_KNOWN_URL | api-gateway | OIDC provider configuration discovery URL (only if it's an external provider) |  |
| SESSION_COOKIES_MAX_AGE | api-gateway | Auth server session cookies expiration (in seconds) | 2592000 (1 month) |
| ACCESS_TOKENS_MAX_AGE | api-gateway | Access tokens expiration (in seconds) | 2592000 (1 month) |
| JWKS_FILEPATH | api-gateway, runtime | JWKS filepath for access token JWT signing. Also used for runtime fetch instruction with current user session | root jwks.json file |
| SESSION_COOKIES_SIGN_SECRET | api-gateway | Session cookies signing secret |  |
| PORT | console | Listening port number | 3000 |
| PORT | api-gateway | Listening port number | 3001 |
| GATEWAY_CONFIG_PATH | api-gateway | gateway.config.yml path | ../../gateway.config.yml |
| INTERNAL_API_KEY | api-gateway, workspaces | API Key allowing internal services fetching /contacts API |  |
| USERS_STORAGE_HOST | api-gateway | MongoDB URL for users storage | mongodb://localhost:27017/users |
| SESSIONS_STORAGE_HOST | api-gateway | Redis URL for sessions storage | redis://localhost:6379/0 |
| SESSIONS_STORAGE_PASSWORD | api-gateway | Redis password for sessions storage |  |
| PASSWORD_VALIDATION_REGEXP | api-gateway | Password validation regexp | .{8,32} |
| EMAIL_VALIDATION_ENABLED | api-gateway | Enable email validation on signup | true |
| WORKSPACES_API_URL | api-gateway | prismeai-workspaces internal URL | http://workspaces:3002 |
| EVENTS_API_URL | api-gateway | prismeai-events internal URL | http://events:3004 |
| RUNTIME_API_URL | api-gateway | prismeai-runtime internal URL | http://runtime:3003 |
| X_FORWARDED_HEADERS | api-gateway | Add X-Forwarded-* headers on proxied requests | yes |
| REQUEST_MAX_SIZE | api-gateway | Maximum request body size (format from bodyParser.json) | 1mb |
| PORT | events | Listening port number | 3004 |
| EVENTS_STORAGE_ES_HOST | events | Elasticsearch URL for events persistence | http://localhost:9200 |
| EVENTS_STORAGE_ES_USER | events | Elasticsearch user for events persistence |  |
| EVENTS_STORAGE_ES_PASSWORD | events | Elasticsearch password for events persistence |  |
| EVENTS_TOPICS_CACHE_HOST | events | Redis URL for event userTopics persistence. | BROKER_HOST variable |
| EVENTS_TOPICS_CACHE_PASSWORD | events | Redis password for event userTopics persistence. |  |
| EVENTS_BUFFER_FLUSH_AT | events | Persists events in the datalake each N events | 128 |
| EVENTS_BUFFER_HIGH_WATERMARK | events | Stops listening for new events to be persisted when N events are already waiting to be persisted | 256 |
| EVENTS_BUFFER_FLUSH_EVERY | events | Persists events every N milliseconds even if EVENTS_BUFFER_FLUSH_AT has not been reached | 5000 |
| EVENTS_RETENTION_DAYS | events | Number of days events are kept inside the datalake before being removed | 180 |
| EVENTS_SCHEDULED_DELETION_DAYS | events | Number of days events are kept inside the datalake after deleting their workspace | 90 |
| SOCKETIO_REDIS_HOST | events | Redis host for socket.io redis adapter | Same as BROKER_HOST env var |
| SOCKETIO_REDIS_PASSWORD | events | Redis password for socket.io redis adapter | Same as BROKER_PASSWORD env var |
| SOCKETIO_COOKIE_MAX_AGE | events | Socket.io cookie maxAge | Default value from 'cookie' NodeJS module |
| EVENTS_STORAGE_ES_BULK_REFRESH | events | Enable Elastic "refresh" option when bulk inserting events (might induce overhead) | no |
| WORKSPACES_STORAGE_TYPE | runtime & workspaces | Workspaces storage driver (FILESYSTEM / S3_LIKE / AZURE_BLOB). Must be the same instance for both runtime & workspaces. | FILESYSTEM |
| WORKSPACES_STORAGE_FILESYSTEM_DIRPATH | runtime & workspaces | Workspaces filesystem storage : directory path | ../../data/models/ |
| UPLOADS_STORAGE_FILESYSTEM_DIRPATH | runtime & workspaces | Uploads filesystem storage : directory path | ../../data/models/ |
| WORKSPACES_STORAGE_S3_LIKE_ACCESS_KEY | runtime & workspaces | Workspaces s3 like storage : access key |  |
| WORKSPACES_STORAGE_S3_LIKE_SECRET_KEY | runtime & workspaces | Workspaces s3 like storage : secret key |  |
| WORKSPACES_STORAGE_S3_LIKE_BASE_URL | runtime & workspaces | Workspaces s3 like storage : base url |  |
| WORKSPACES_STORAGE_S3_LIKE_ENDPOINT | runtime & workspaces | Workspaces s3 like storage : endpoint |  |
| WORKSPACES_STORAGE_S3_LIKE_BUCKET_NAME | runtime & workspaces | Workspaces s3 like storage : bucket name |  |
| WORKSPACES_STORAGE_S3_LIKE_REGION | runtime & workspaces | Workspaces s3 like storage : region |  |
| UPLOADS_STORAGE_S3_LIKE_ACCESS_KEY | runtime & workspaces | Uploads s3 like storage : access key |  |
| UPLOADS_STORAGE_S3_LIKE_SECRET_KEY | runtime & workspaces | Uploads s3 like storage : secret key |  |
| UPLOADS_STORAGE_S3_LIKE_BASE_URL | runtime & workspaces | Uploads s3 like storage : base url |  |
| UPLOADS_STORAGE_S3_LIKE_ENDPOINT | runtime & workspaces | Uploads s3 like storage : endpoint |  |
| UPLOADS_STORAGE_S3_LIKE_BUCKET_NAME | runtime & workspaces | Uploads s3 like storage : bucket name |  |
| UPLOADS_STORAGE_S3_LIKE_REGION | runtime & workspaces | Uploads s3 like storage : region |  |
| WORKSPACES_STORAGE_AZURE_BLOB_CONTAINER | runtime & workspaces | Workspaces Azure Blob container name | models |
| WORKSPACES_STORAGE_AZURE_BLOB_CONNECTION_STRING | runtime & workspaces | Workspaces Azure Blob connection string | models |
| UPLOADS_STORAGE_AZURE_BLOB_CONTAINER | runtime & workspaces | Uploads Azure Blob container name | models |
| UPLOADS_STORAGE_AZURE_BLOB_CONNECTION_STRING | runtime & workspaces | Uploads Azure Blob connection string |  |
| UPLOADS_STORAGE_AZURE_BLOB_BASE_URL | runtime & workspaces | Base public download url for uploads azure blob container |  |
| PORT | runtime | Listening port number | 3003 |
| CONTEXTS_CACHE_HOST | runtime | Redis URL for contexts persistence. | redis://localhost:6379/0 |
| CONTEXTS_CACHE_PASSWORD | runtime | Redis password for contexts persistence. |  |
| MAXIMUM_SUCCESSIVE_CALLS | runtime | Maximum number of automation execution for the same correlation id (i.e initiated by the same webhook or external event) | 20 |
| CONTEXT_RUN_EXPIRE_TIME | runtime | Run context expiration time in seconds. | 60 |
| CONTEXT_UNAUTHENTICATED_SESSION_EXPIRE_TIME | runtime | Session context expiration time in seconds for unauthenticated sessions | 60*60 (1 hour) |
| ADDITIONAL_GLOBAL_VARS_* | runtime | Additional variables that will be available from global context (ADDITIONAL_GLOBAL_VARS_apiUrl will be available as {{global.apiUrl}}). | None |
| PORT | workspaces | Listening port number | 3002 |
| UPLOADS_STORAGE_TYPE | workspaces | Uploads storage driver (FILESYSTEM / S3_LIKE). Must be the same instance for workspaces. | FILESYSTEM |
| UPLOADS_STORAGE_FILESYSTEM_DIRPATH | workspaces | Uploads filesystem storage : directory path | ../../data/uploads |
| UPLOADS_STORAGE_S3_LIKE_ACCESS_KEY | workspaces | Uploads s3 like storage : access key |  |
| UPLOADS_STORAGE_S3_LIKE_SECRET_KEY | workspaces | Uploads s3 like storage : secret key |  |
| UPLOADS_STORAGE_S3_LIKE_BASE_URL | workspaces | Uploads s3 like storage : base url |  |
| UPLOADS_STORAGE_S3_LIKE_ENDPOINT | workspaces | Uploads s3 like storage : endpoint |  |
| UPLOADS_STORAGE_S3_LIKE_BUCKET_NAME | workspaces | Uploads s3 like storage : bucket name |  |
| UPLOADS_STORAGE_S3_LIKE_REGION | workspaces | Uploads s3 like storage : region |  |
| UPLOADS_FILESYSTEM_DOWNLOAD_URL | workspaces | Base download URL for files uploaded to filesystem driver | Upload/Get request URL |
| UPLOADS_MAX_SIZE | workspaces, api-gateway | Max upload size in bytes | 10000000 (10MB) |
| UPLOADS_ALLOWED_MIMETYPES | workspaces | Allowed upload mimetypes, comma-separated | image/*,text/*,video/*,audio/*,application/* |

SSO

Configuring Microsoft SSO

1. Register an app

First follow https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app in order to register an app in your Azure tenant.

  • The application can be named Prismeai or whatever else, it doesn't matter.
  • Select the desired Supported account types, as this restricts which Microsoft accounts can log in to the studio
  • Its redirect URI must be set to Web platform & have the following value : https://api-gateway-url/v2/login/azure/callback

Note the application id somewhere, as it will be the client id passed in environment variables.

2. Generate a secret

Click on Certificates & secrets under the Manage menu & add a New client secret.

Keep the longest expiry time & click Add.
Note the client secret value somewhere, as it will be the client secret passed in environment variables.

3. Configure environment variables

To finish the SSO configuration in api-gateway, the following api-gateway environment variables must be set:

  • AZURE_AD_CLOUD_INSTANCE_ID : https://login.microsoftonline.com/ or any private one
  • AZURE_AD_TENANT : The tenant domain as found in Azure Active Directory > Primary domain (ex: YourCompany.onmicrosoft.com)
    • In order to accept any organizational directory account, replace this value with organizations.
    • In order to accept any organizational directory and personal Microsoft accounts, replace this value with common.
    • In order to accept Microsoft accounts only, replace this value with consumers.
    • This must reflect the Supported account types option chosen when registering the app
  • AZURE_AD_APP_ID : The application id retrieved in first step
  • AZURE_AD_CLIENT_SECRET : The secret value retrieved in second step

Finally, add the following environment variable to the console and pages microservices:

  • ENABLED_AUTH_PROVIDERS : azure
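
The check below is an added example, not Prisme.ai code: it parses an api-gateway .env file and reports the secrets listed on this page that are unset or still at the documented local-client-id default, plus an AZURE_AD_TENANT value that is not restricted to a single tenant. The sample file contents and the parse_env / audit helper names are constructed for illustration.

```python
# Added example: audit an api-gateway .env file against the variables on this page.
PLACEHOLDER = "local-client-id"  # documented default for the OIDC secret and token
SECRETS = (
    "OIDC_STUDIO_CLIENT_SECRET",
    "OIDC_CLIENT_REGISTRATION_TOKEN",
    "SESSION_COOKIES_SIGN_SECRET",
    "INTERNAL_API_KEY",
)
# AZURE_AD_TENANT values that are not limited to one tenant domain.
BROAD_TENANTS = {"organizations", "common", "consumers"}

# Constructed sample input, not taken from a real deployment.
SAMPLE_ENV = """\
# api-gateway variables (constructed values)
OIDC_STUDIO_CLIENT_SECRET=local-client-id
OIDC_CLIENT_REGISTRATION_TOKEN=constructed-registration-token
SESSION_COOKIES_SIGN_SECRET=
INTERNAL_API_KEY="constructed-internal-key"
AZURE_AD_TENANT=common
"""


def parse_env(text):
    """Return KEY=VALUE pairs, skipping blank lines, comments and lines without '='."""
    env = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        env[key.strip()] = value.strip().strip("'\"")
    return env


def audit(env):
    """Return (variable, reason) findings for values to change or review."""
    findings = []
    for name in SECRETS:
        value = env.get(name, "")
        if not value:
            findings.append((name, "not set to a deployment-specific value"))
        elif value == PLACEHOLDER:
            findings.append((name, "still the documented default"))
    if env.get("AZURE_AD_TENANT", "").lower() in BROAD_TENANTS:
        findings.append(("AZURE_AD_TENANT", "not restricted to a single tenant"))
    return findings


if __name__ == "__main__":
    for name, reason in audit(parse_env(SAMPLE_ENV)):
        print(f"{name}: {reason}")
```

An unset OIDC_STUDIO_CLIENT_SECRET or OIDC_CLIENT_REGISTRATION_TOKEN is reported because the table's default would then apply.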