Environment variables

The Orchestrator can read environment variables which alter the way it runs. These can be:

Orchestrator-specific environment variables (normally prefixed with MAVERICS_)
Arbitrary environment variables which can be referenced in the config file itself

Orchestrator Environment Variables

The following environment variables are available for setting Orchestrator configuration:

MAVERICS_CONFIG: configures the path to a local configuration file.
MAVERICS_LICENSE: configures the path to a local license file.
MAVERICS_SECRET_PROVIDER: sets up a connection to a secret provider.
MAVERICS_DEBUG_MODE: sets logging to debug level.
MAVERICS_HTTP_ADDRESS: the interface and port of the HTTP listener.
MAVERICS_TLS_SERVER_CERT_FILE: the path to the certificate used for the HTTP listener
MAVERICS_TLS_SERVER_KEY_FILE: the path to the corresponding key for the HTTP listener certificate.
MAVERICS_TLS_SERVER_WINDOWS_THUMBPRINT: the certificate thumbprint used to search the Windows Certificate Store for HTTP listener certificate.
MAVERICS_TLS_SERVER_WINDOWS_SUBJECT: the certificate subject used to search the Windows Certificate Store for HTTP listener certificate.
MAVERICS_RELOAD_CONFIG: a boolean value to configure the Orchestrator to poll for configuration updates. It is false by default.
MAVERICS_POLLING_INTERVAL_SECONDS: the frequency of polling for configuration updates. If unset, the default is 30 seconds.
MAVERICS_GCP_CONFIG: configures a connection to Google Cloud Storage for remote configuration.
MAVERICS_AWS_CONFIG: configures a connection to AWS S3 for remote config configuration.
MAVERICS_AZURE_CONFIG: configures a connection to Azure Blob for remote config configuration.
MAVERICS_GITLAB_CONFIG: configures a connection to a GitLab repository for remote config configuration.
MAVERICS_GITHUB_CONFIG: configures a connection to a GitHub repository for remote config configuration.
MAVERICS_USER: sets the user that will run a maverics service in a linux installation. If unset, the default is maverics.
MAVERICS_GROUP: sets the group that will run a maverics service in a linux installation. If unset, the default is maverics.
HTTPS_PROXY, HTTP_PROXY, NO_PROXY: configures the network proxies maverics will use.
MAVERICS_BUNDLE_PUBLIC_KEY_FILE: the path to the public key file used for verifying a signed configuration bundle.

Command line options for maverics will override environment variables, which in turn will override settings in the configuration file. The order of precedence is:

command line options (e.g. -verbose for debug level logging)
environment variables (e.g. MAVERICS_DEBUG_MODE=true)
settings in the configuration file (e.g. logger.level: debug)

Arbitrary Environment Variables

Maverics supports referencing environment variables in configuration files. This enables deployment specific variables to be set dynamically.

To express environment variables in config files, use the {{ env.VAR_NAME }} syntax. Note, the env. namespace prefix is required.

Examples

Setting environment variables on Linux

To set an environment variable when using the RPM, use the maverics.env file that is found in the /etc/maverics directory by default. Please note that the variables should be delimited by a newline and should use the VARIABLE_NAME=VARIABLE_VALUE format.

/etc/maverics/maverics.env

MAVERICS_HTTP_ADDRESS=":443"
MAVERICS_TLS_SERVER_CERT_FILE="/etc/maverics/example.com.crt"
MAVERICS_TLS_SERVER_KEY_FILE="/etc/maverics/example.com.key"

Setting environment variables on Windows

For standard environments variables (variables prefixed with MAVERICS) like log verbosity, the MSI should be used. To update existing settings, simply reinstall the MSI.

Setting environment variables on Containers

Similarly to Linux, a simple way to provide environment variables to the container is via an environment variable file. The variables should be delimited by a newline and should use the VARIABLE_NAME=VARIABLE_VALUE format. When starting the container, use the --env-file flag.

maverics.env

MAVERICS_DEBUG_MODE=true

Referencing custom environment variables

The following example represents a simple usage of how environment variables can be leveraged. The example assumes that AZURE_METADATA_URL, AZURE_ACS_URL, and AZURE_ENTITY_ID are set as environment variables on the host machine.

connectors:
  - name: azure
    type: azure
    authType: saml
    samlMetadataURL: '{{ env.AZURE_METADATA_URL }}'
    samlConsumerServiceURL: '{{ env.AZURE_ACS_URL }}'
    samlEntityID: '{{ env.AZURE_ENTITY_ID }}'

Secrets management Include external files (Legacy)