Configuration
Skytable can be configured to run per your needs. You can use either of command-line arguments, environment variables or a configuration file. We don't have any specific recommendation for a mode of configuration but we generally consider using a configuration file to be the best practice since it is something that won't get lost (which in other cases can get lost due to lost shell history and such).
Configuration file
The configuration file is a simple YAML file. Use this as your configuration file template:
system:
mode: prod
rs_window: 300
auth:
plugin: pwd
# replace with your root password of choice
root_pass: password
endpoints:
secure:
host: 127.0.0.1
port: 2004
# replace `cert` with the path to your self-signed certificate
cert: cert.pem
# replace `private_key` with the path to your private key
private_key: private.key
# replace `passphrase.txt` with the path to your private key passphrase
pkey_passphrase: passphrase.txt
insecure:
host: 127.0.0.1
port: 2003
Starting the server with a configuration file
To start the server with a configuration file, simply run skyd --config <path to config>.yaml
Here's an explanation of all the keys:
system
:mode
: set to eitherdev
/prod
mode.prod
mode will generally make some things stricters (such as background services)rs_window
: This is a very important setting! It is set to300
by default and is called the "reliability service window" which ensures that if any changes are observed in300
(or whatever value you set) seconds, then they reach the disk as soon as that time elapses. For example, in the default configuration the system checks for changes every 5 minutes and if there are any dataset changes, they are immediately synced. Read more here
auth
:plugin
: this is the authentication plugin. we currently only havepwd
that is a simple password based authentication system where the password is stored as anrcrypt
hash on disk. Moreplugin
options are set to be implemented for more advanced authentication, especially in enterprise settingsroot_pass
: this is the root account password. It must have atleast 16 characters
endpoints
:secure
:host
: the host for your secure (TLS) endpointport
: the port for your secure (TLS) endpointcert
: path to the PEM certificate to use for TLSprivate_key
: path to the PEM private key to use for TLSpkey_passphrase
: all private keys must be secured with a passphrase; this key should be set to the path of a plaintext file containing your passphrase and not the passphrase itself
insecure
:host
: the host for your TCP endpointport
: the port for your TCP endpoint
Command-line arguments
You can use the following command line arguments:
Category | Argument | Example | Meaning |
---|---|---|---|
--config | --config=config.yaml | Path to the configuration file. | |
System | |||
--service-window | --service-window=300 | Set the reliability service window (see above) | |
--mode | --mode=prod | Set dev or prod mode | |
Auth | |||
--auth-plugin | --auth-plugin=pwd | Sets the authentication plugin (see above) | |
--auth-root-password | --auth-root-password=mypass | Sets the root account password (see above) | |
Endpoints | |||
--endpoint | --endpoint=tcp@localhost:2003 | Repeat this for all your endpoints such as tls@host:port and tcp@host:port | |
--tlscert | --tlscert=cert.pem | Path to TLS cert | |
--tlskey | --tlskey=private.key | Path to TLS private key | |
--tls-passphrase | --tls-passphrase=pass.txt | Path to plaintext file containing TLS private key password |
Environment variables
You can use the following environment variables:
Category | Variable | Example | Meaning |
---|---|---|---|
System | |||
SKYDB_SERVICE_WINDOW | SKYDB_SERVICE_WINDOW=300 | Sets the reliability service window (see above) | |
Auth | |||
SKYDB_AUTH_PLUGIN | SKYDB_AUTH_PLUGIN=pwd | Sets the authentication plugin | |
SKYDB_AUTH_ROOT_PASSWORD | SKYDB_AUTH_ROOT_PASSWORD=mypass | Sets the root account password | |
Endpoints | |||
SKYDB_ENDPOINTS | SKYDB_ENDPOINTS=tcp@myhost:2003,tls@myhost:2004 | Sets the endpoints to use | |
SKYDB_TLS_CERT | SKYDB_TLS_CERT=cert.pem | Sets the path to the TLS cert | |
SKYDB_TLS_KEY | SKYDB_TLS_KEY=private.key | Sets the path to the TLS private key | |
SKYDB_TLS_KEY_PASS | SKYDB_TLS_KEY_PASS=pass.txt | Sets the path to the plaintext file containing the TLS private key password |