TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-04-27 18:20:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
zitadel/docs/docs/guides/installation/configure/configure.mdx
Elio Bischof 53a3ba8acf
Merge branch 'v2-alpha' into cy10
2022-07-25 17:34:41 +02:00

84 lines
3.7 KiB
Plaintext
Raw Blame History

---
title: Configure
---
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
import LinuxUnix from './_linuxunix.mdx'
import Compose from './_compose.mdx'
import Helm from './_helm.mdx'
# Configure ZITADEL
This guide assumes you are already familiar with [running ZITADEL with the most minimal configuration possible](./run).
## Configuration Files
### Runtime Configuration
See a description of all possible _runtime configuration_ options with their defaults [in the source code](https://github.com/zitadel/zitadel/blob/v2-alpha/internal/config/options/defaults.yaml).
The `zitadel` binary expects the `--config` flag for this configuration.
### Database Initialization
Apart from these options, ZITADEL uses a [different configuration](https://github.com/zitadel/zitadel/blob/v2-alpha/cmd/admin/setup/steps.yaml) for _database initialization steps_.
The `zitadel` binary expects the `--steps` flag for this configuration.
### Split Configuration
ZITADEL merges multiple configurations passed via multiple `--config` and/or multiple `--steps` flags.
This is especially useful, if you want to treat secret configuration files differently from standard configuration.
For example, you can check configuration with information like the database hostname in to git.
Other configration that contains information like your databases admin username and password, you can hand to a secret manager.
## Environment variables
All configuration properties are also configurable via environemnt variables.
Prefix the key with *ZITADEL\_*, uppercase the propery and join sections by an underscore _.
For example, if you want to configure the default ZITADEL IAM admin username and password, make sure the ZITADEL binary runtime has the variables *ZITADEL_S3DEFAULTINSTANCE_ORG_HUMAN_USERNAME* and *ZITADEL_S3DEFAULTINSTANCE_ORG_HUMAN_PASSWORD* set.
## Masterkey
The masterkey is used to AES256-encrypt other generated encryption keys.
It needs to have 32 bytes.
You can pass the masterkey in either of three possible ways to the zitadel binary:
- By value: Use the flag `--masterkey My_Master_Key_Which_Has_32_Bytes`
- By environment variable `ZITADEL_MASTERKEY`: Use the flag `--masterkeyFromEnv`
- By file: Use the flag `--masterkeyFile /path/to/file`
## Passing the configuration
<Tabs
groupId="installation-target"
default="linuxunix"
values={[
{'label': 'Linux and Unix', 'value': 'linuxunix'},
{'label': 'Docker Compose', 'value': 'compose'},
{'label': 'Kubernetes (Helm)', 'value': 'k8s'}
]}
>
<TabItem value="linuxunix">
<LinuxUnix/>
</TabItem>
<TabItem value="compose">
<Compose/>
</TabItem>
<TabItem value="k8s">
<Helm/>
</TabItem>
</Tabs>
Open your favorite internet browser at [http://localhost:8080/ui/console](http://localhost:8080/ui/console).
This is the IAM admin users login according to your configuration in the [example-zitadel-init-steps.yaml](./example-zitadel-init-steps.yaml):
- **username**: *root@<span></span>zitadel.localhost*
- **password**: *RootPassword1!*
## What's next
- Read more about [the login process](../../manuals/user-login).
- If you want to run ZITADEL in production, you most certainly need to [customize your own domain](./custom-domain).
- Check out all possible [runtime configuration properties and their defaults in the source code](https://github.com/zitadel/zitadel/blob/v2-alpha/internal/config/options/defaults.yaml)
- Check out all possible [setup step configuration properties and their defaults in the source code](https://github.com/zitadel/zitadel/blob/v2-alpha/cmd/setup/steps.yaml)
:::caution
<!-- TODO: Better mark the link in the UI -->
The ZITADEL management console [requires end-to-end HTTP/2 support](./http2-support)
Reference in New Issue View Git Blame Copy Permalink