# `@hive/server`

The GraphQL API for GraphQL Hive.

## Configuration

| Name | Required | Description | Example Value |
| ------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------- | ---------------------------------------------------- |
| `PORT` | **Yes** | The port this service is running on. | `4013` |
| `ENCRYPTION_SECRET` | **Yes** | Secret used for encryption. | `8ebe95cg21c1fee355e9fa32c8c33141` |
| `WEB_APP_URL` | **Yes** | The URL of the web app. | `http://127.0.0.1:3000` |
| `GRAPHQL_PUBLIC_ORIGIN` | **Yes** | The origin of the GraphQL server. | `http://127.0.0.1:4013` |
| `TOKENS_ENDPOINT` | **Yes** | The endpoint of the tokens service. | `http://127.0.0.1:6001` |
| `SCHEMA_ENDPOINT` | **Yes** | The endpoint of the schema service. | `http://127.0.0.1:6500` |
| `SCHEMA_POLICY_ENDPOINT` | **No** | The endpoint of the schema policy service. | `http://127.0.0.1:6600` |
| `POSTGRES_SSL` | No | Whether the postgres connection should be established via SSL. | `1` (enabled) or `0` (disabled) |
| `POSTGRES_HOST` | **Yes** | Host of the postgres database | `127.0.0.1` |
| `POSTGRES_PORT` | **Yes** | Port of the postgres database | `5432` |
| `POSTGRES_DB` | **Yes** | Name of the postgres database. | `registry` |
| `POSTGRES_USER` | **Yes** | User name for accessing the postgres database. | `postgres` |
| `POSTGRES_PASSWORD` | No | Password for accessing the postgres database. | `postgres` |
| `CLICKHOUSE_PROTOCOL` | **Yes** | The clickhouse protocol for connecting to the clickhouse instance. | `http` |
| `CLICKHOUSE_HOST` | **Yes** | The host of the clickhouse instance. | `127.0.0.1` |
| `CLICKHOUSE_PORT` | **Yes** | The port of the clickhouse instance | `8123` |
| `CLICKHOUSE_USERNAME` | **Yes** | The username for accessing the clickhouse instance. | `test` |
| `CLICKHOUSE_PASSWORD` | **Yes** | The password for accessing the clickhouse instance. | `test` |
| `CLICKHOUSE_REQUEST_TIMEOUT` | No | Force a request timeout value for ClickHouse operations (in ms) | `30000` |
| `REDIS_HOST` | **Yes** | The host of your redis instance. | `"127.0.0.1"` |
| `REDIS_PORT` | **Yes** | The port of your redis instance. | `6379` |
| `REDIS_PASSWORD` | **Yes** | The password of your redis instance. | `"password"` |
| `REDIS_TLS_ENABLED` | **No** | Enable TLS for redis connection (rediss://). | `"0"` |
| `S3_ENDPOINT` | **Yes** | The S3 endpoint. | `http://localhost:9000` |
| `S3_ACCESS_KEY_ID` | **Yes** | The S3 access key id. | `minioadmin` |
| `S3_SECRET_ACCESS_KEY` | **Yes** | The S3 secret access key. | `minioadmin` |
| `S3_BUCKET_NAME` | **Yes** | The S3 bucket name. | `artifacts` |
| `S3_SESSION_TOKEN` | No | The S3 session token. | `dummytoken` |
| `S3_MIRROR` | No | Whether S3 mirror is enabled | `1` (enabled) or `0` (disabled) |
| `S3_MIRROR_ENDPOINT` | **Yes** | The S3 endpoint. | `http://localhost:9000` |
| `S3_MIRROR_ACCESS_KEY_ID` | **Yes** | The S3 access key id. | `minioadmin` |
| `S3_MIRROR_SECRET_ACCESS_KEY` | **Yes** | The S3 secret access key. | `minioadmin` |
| `S3_MIRROR_BUCKET_NAME` | **Yes** | The S3 bucket name. | `artifacts` |
| `S3_MIRROR_SESSION_TOKEN` | No | The S3 session token. | `dummytoken` |
| `S3_MIRROR_PUBLIC_URL` | No | The public URL of the S3, in case it differs from the `S3_ENDPOINT`. | `http://localhost:8083` |
| `CDN_API` | No | Whether the CDN exposed via API is enabled. | `1` (enabled) or `0` (disabled) |
| `CDN_API_BASE_URL` | No (Yes if `CDN_API` is set to `1`) | The public base URL of the API service. | `http://localhost:8082` |
| `CDN_API_KV_BASE_URL` | No (**Optional** if `CDN_API` is set to `1`) | The base URL for the KV for API Provider. Used for scenarios where we cache CDN access. | `https://key-cache.graphql-hive.com` |
| `SUPERTOKENS_API_KEY` | **Yes** [Instructions](https://the-guild.dev/graphql/hive/docs/schema-registry/self-hosting/get-started#running-hive-console) | The key for signing access tokens for user sessions. | string |
| `SUPERTOKENS_REFRESH_TOKEN_KEY` | **Yes** [Instructions](https://the-guild.dev/graphql/hive/docs/schema-registry/self-hosting/get-started#running-hive-console) | The key for signing refresh tokens for user sessions. | string |
| `SUPERTOKENS_RATE_LIMIT` | No (Default value: `1`) | Whether supertokens requests should be rate limited. | `1` (enabled) or `0` (disabled) |
| `SUPERTOKENS_RATE_LIMIT_IP_HEADER_NAME` | No (Default value: `CF-Connecting-IP`) | Name of the header to be used for rate limiting. | `CF-Connecting-IP` |
| `AUTH_GITHUB` | No | Whether login via GitHub should be allowed | `1` (enabled) or `0` (disabled) |
| `AUTH_GITHUB_CLIENT_ID` | No (**Yes** if `AUTH_GITHUB` is set) | The GitHub client ID. | `g6aff8102efda5e1d12e` |
| `AUTH_GITHUB_CLIENT_SECRET` | No (**Yes** if `AUTH_GITHUB` is set) | The GitHub client secret. | `g12e552xx54xx2b127821dc4abc4491dxxxa6b187` |
| `AUTH_GOOGLE` | No | Whether login via Google should be allowed | `1` (enabled) or `0` (disabled) |
| `AUTH_GOOGLE_CLIENT_ID` | No (**Yes** if `AUTH_GOOGLE` is set) | The Google client ID. | `g6aff8102efda5e1d12e` |
| `AUTH_GOOGLE_CLIENT_SECRET` | No (**Yes** if `AUTH_GOOGLE` is set) | The Google client secret. | `g12e552xx54xx2b127821dc4abc4491dxxxa6b187` |
| `AUTH_ORGANIZATION_OIDC` | No | Whether linking a Hive organization to an Open ID Connect provider is allowed. (Default: `0`) | `1` (enabled) or `0` (disabled) |
| `AUTH_OKTA` | No | Whether login via Okta should be allowed | `1` (enabled) or `0` (disabled) |
| `AUTH_OKTA_CLIENT_ENDPOINT` | No (**Yes** if `AUTH_OKTA` is set) | The Okta endpoint. | `https://dev-1234567.okta.com` |
| `AUTH_OKTA_HIDDEN` | No | Whether the Okta login button should be hidden. (Default: `0`) | `1` (enabled) or `0` (disabled) |
| `AUTH_OKTA_CLIENT_ID` | No (**Yes** if `AUTH_OKTA` is set) | The Okta client ID. | `g6aff8102efda5e1d12e` |
| `AUTH_OKTA_CLIENT_SECRET` | No (**Yes** if `AUTH_OKTA` is set) | The Okta client secret. | `g12e552xx54xx2b127821dc4abc4491dxxxa6b187` |
| `AUTH_REQUIRE_EMAIL_VERIFICATION` | No | Whether verifying the email address is mandatory. | `1` (enabled) or `0` (disabled) |
| `INTEGRATION_GITHUB` | No | Whether the GitHub integration is enabled | `1` (enabled) or `0` (disabled) |
| `INTEGRATION_GITHUB_GITHUB_APP_ID` | No (Yes if `INTEGRATION_GITHUB` is set to `1`) | The GitHub app id. | `123` |
| `INTEGRATION_GITHUB_GITHUB_APP_PRIVATE_KEY` | No (Yes if `INTEGRATION_GITHUB` is set to `1`) | The GitHub app private key. | `letmein1` |
| `FEATURE_FLAGS_APP_DEPLOYMENTS_ENABLED` | No | Whether app deployments should be enabled for every organization. | `1` (enabled **default**) or `0` (disabled) |
| `FEATURE_FLAGS_SCHEMA_PROPOSALS_ENABLED` | No | Whether schema proposals should be enabled for every organization. | `1` (enabled) or `0` (disabled) |
| `S3_AUDIT_LOG` | No (audit log uses default S3 if not configured) | Whether audit logs should be stored on another S3 bucket than the artifacts. | `1` (enabled) or `0` (disabled) |
| `S3_AUDIT_LOG_ENDPOINT` | **Yes** (if `S3_AUDIT_LOG` is `1`) | The S3 endpoint. | `http://localhost:9000` |
| `S3_AUDIT_LOG_ACCESS_KEY_ID` | **Yes** (if `S3_AUDIT_LOG` is `1`) | The S3 access key id. | `minioadmin` |
| `S3_AUDIT_LOG_SECRET_ACCESS_KEY` | **Yes** (if `S3_AUDIT_LOG` is `1`) | The S3 secret access key. | `minioadmin` |
| `S3_AUDIT_LOG_BUCKET_NAME` | **Yes** (if `S3_AUDIT_LOG` is `1`) | The S3 bucket name. | `artifacts` |
| `S3_AUDIT_LOG_SESSION_TOKEN` | No | The S3 session token. | `dummytoken` |
| `S3_AUDIT_LOG_PUBLIC_URL` | No | The public URL of the S3, in case it differs from the `S3_ENDPOINT`. | `http://localhost:8083` |
| `ENVIRONMENT` | No | The environment of your Hive app. (**Note:** This will be used for Sentry reporting.) | `staging` |
| `SENTRY` | No | Whether Sentry error reporting should be enabled. | `1` (enabled) or `0` (disabled) |
| `SENTRY_DSN` | No | The DSN for reporting errors to Sentry. | `https://dooobars@o557896.ingest.sentry.io/12121212` |
| `PROMETHEUS_METRICS` | No | Whether Prometheus metrics should be enabled | `1` (enabled) or `0` (disabled) |
| `PROMETHEUS_METRICS_LABEL_INSTANCE` | No | The instance label added for the prometheus metrics. | `server` |
| `PROMETHEUS_METRICS_PORT` | No | Port on which prometheus metrics are exposed | Defaults to `10254` |
| `REQUEST_LOGGING` | No | Log HTTP requests. | `1` (enabled) or `0` (disabled) |
| `HIVE_PERSISTED_DOCUMENTS` | No | Whether persisted documents should be enabled or disabled | `1` (enabled) or `0` (disabled) |
| `HIVE_PERSISTED_DOCUMENTS_CDN_ENDPOINT` | No (Yes if `HIVE_PERSISTED_DOCUMENTS` is set to `1`) | The endpoint for the Hive persisted documents CDN. | `https://cdn.graphql-hive.com/artifacts/v1/<id>` |
| `HIVE_PERSISTED_DOCUMENTS_CDN_ACCESS_KEY` | No (Yes if `HIVE_PERSISTED_DOCUMENTS` is set to `1`) | The access token key for the Hive CDN. | `hv2abcdefg` |
| `LOG_LEVEL` | No | The verbosity of the service logs. One of `trace`, `debug`, `info`, `warn`, `error`, `fatal` or `silent` | `info` (default) |
| `OPENTELEMETRY_COLLECTOR_ENDPOINT` | No | OpenTelemetry Collector endpoint. The expected traces transport is HTTP (port `4318`). | `http://localhost:4318/v1/traces` |
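
A pre-flight check built from the table above, as an added example that is not part of the Hive code base: it enforces the conditionally required rows, rejects secrets left at this README's example values, and warns when `POSTGRES_SSL` or `REDIS_TLS_ENABLED` is not `1`. The function name `checkHiveServerEnv`, the finding format, and treating a flag as enabled only when it equals `1` are assumptions; only rows whose condition the table states are encoded.

```javascript
// Added example: pre-flight check of an environment against this README's table.
// Rules and example values are copied from the table; names below are hypothetical.

// [feature flag, variables the table marks as required once the flag is on]
const CONDITIONAL = [
  ['AUTH_GITHUB', ['AUTH_GITHUB_CLIENT_ID', 'AUTH_GITHUB_CLIENT_SECRET']],
  ['AUTH_GOOGLE', ['AUTH_GOOGLE_CLIENT_ID', 'AUTH_GOOGLE_CLIENT_SECRET']],
  ['AUTH_OKTA', ['AUTH_OKTA_CLIENT_ENDPOINT', 'AUTH_OKTA_CLIENT_ID', 'AUTH_OKTA_CLIENT_SECRET']],
  ['INTEGRATION_GITHUB', ['INTEGRATION_GITHUB_GITHUB_APP_ID', 'INTEGRATION_GITHUB_GITHUB_APP_PRIVATE_KEY']],
  ['CDN_API', ['CDN_API_BASE_URL']],
  ['HIVE_PERSISTED_DOCUMENTS', ['HIVE_PERSISTED_DOCUMENTS_CDN_ENDPOINT', 'HIVE_PERSISTED_DOCUMENTS_CDN_ACCESS_KEY']],
  ['S3_AUDIT_LOG', ['S3_AUDIT_LOG_ENDPOINT', 'S3_AUDIT_LOG_ACCESS_KEY_ID', 'S3_AUDIT_LOG_SECRET_ACCESS_KEY', 'S3_AUDIT_LOG_BUCKET_NAME']],
];

// Secret-bearing variables and the example value this README shows for each.
const README_EXAMPLES = {
  ENCRYPTION_SECRET: '8ebe95cg21c1fee355e9fa32c8c33141',
  POSTGRES_PASSWORD: 'postgres',
  CLICKHOUSE_PASSWORD: 'test',
  REDIS_PASSWORD: 'password',
  S3_ACCESS_KEY_ID: 'minioadmin',
  S3_SECRET_ACCESS_KEY: 'minioadmin',
  INTEGRATION_GITHUB_GITHUB_APP_PRIVATE_KEY: 'letmein1',
};

function checkHiveServerEnv(env) {
  const findings = [];
  // Assumption: a flag counts as enabled only when it is exactly "1".
  for (const [flag, needed] of CONDITIONAL) {
    if (env[flag] !== '1') continue;
    for (const name of needed) {
      if (!env[name]) findings.push({ level: 'error', name, issue: `required because ${flag}=1` });
    }
  }
  for (const [name, example] of Object.entries(README_EXAMPLES)) {
    if (env[name] === example) findings.push({ level: 'error', name, issue: 'still set to the README example value' });
  }
  for (const name of ['POSTGRES_SSL', 'REDIS_TLS_ENABLED']) {
    if (env[name] !== '1') findings.push({ level: 'warn', name, issue: 'transport encryption is not enabled' });
  }
  return findings;
}

// Constructed sample environment, not taken from a real deployment.
const sampleEnv = { AUTH_GITHUB: '1', AUTH_GITHUB_CLIENT_ID: 'example-id', S3_SECRET_ACCESS_KEY: 'minioadmin', POSTGRES_SSL: '1', REDIS_TLS_ENABLED: '0' };
for (const f of checkHiveServerEnv(sampleEnv)) console.log(`${f.level}: ${f.name}: ${f.issue}`);
```

Pass `process.env` instead of `sampleEnv` to check a running container's environment before the service starts.
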

## Hive Cloud Configuration

If you are self-hosting GraphQL Hive, you can ignore this section. It is only required for the Cloud
version.

| Name | Required | Description | Example Value |
| ----------------------- | ------------------------------------ | ------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------ |
| `COMMERCE_ENDPOINT` | **Yes** | The endpoint of the commerce service. | `http://127.0.0.1:4012` |
| `CDN_CF` | No | Whether the CDN is enabled. | `1` (enabled) or `0` (disabled) |
| `CDN_CF_BASE_URL` | No (**Yes** if `CDN` is `1`) | The base URL of the CDN. | `https://cdn.graphql-hive.com` |
| `CDN_CF_KV_BASE_URL` | No (**Optional** if `CDN` is `1`) | The base URL for the key-value store used for CDN access key validation caching when using the Cloudflare provider. | `https://key-cache.graphql-hive.com` |
| `HIVE_USAGE` | No | Whether usage reporting for the GraphQL API to Hive is enabled | `1` (enabled) or `0` (disabled) |
| `HIVE_TARGET` | No (**Yes** if `HIVE` is set to `1`) | The target to which the usage data and traces should be reported | `the-guild/graphql-hive/development` |
| `HIVE_ACCESS_TOKEN` | No (**Yes** if `HIVE` is set to `1`) | The internal endpoint key. | `iliketurtles` |
| `HIVE_USAGE_ENDPOINT` | No | The endpoint used for usage reporting. | `http://app.graphql-hive.com/usage` (default value) |
| `HIVE_TRACING` | No | Whether trace reporting for the GraphQL API to Hive is enabled | `1` (enabled) or `0` (disabled) |
| `HIVE_TRACING_ENDPOINT` | No | The endpoint used for trace reporting. | `http://api.graphql-hive.com/otel/v1/traces` (default value) |