6.0

Additional Configuration

This page contains additional system configuration options that are provided for self-managed Appmixer installations. See the System Configuration for the rest of the configuration options. The below options can be set via the environment variables on the instances of the Appmixer engine.

Logging

LOG_LEVEL

By default set to info. It can be changed to error, warn or debug.

LOG_COMPONENT_DATA_MESSAGE

When set to false, the component's input/output messages won't be logged into Elasticsearch.

Important! Appmixer Insights and Designer log messages won't contain any items if logging data messages are turned off.

APPMIXER_HTTPS_PROXY and APPMIXER_HTTP_PROXY

Configure an HTTP proxy. All HTTP(S) requests from Appmixer will be redirected to the proxy URL.

Token Encryption

Most of the connectors in Appmixer require user authentication. That can be represented as OAuth access tokens, API keys, or username/password combinations.

To enable token encryption, set the ENCRYPTION_ENABLED environment variable to true. With that, also set the ENCRYPTION_SECRET environment variable to a secret string (see below for an example on how to generate it).

# Turning the encryption on
ENCRYPTION_ENABLED=true
# Setting the encryption secret (generate your own!)
ENCRYPTION_SECRET=0EC0136A5187A09E21D03819A0EFFD259070CE23213B260A1444412EFD910503
# Generate the encryption secret
openssl enc -aes-256-gcm -k secret -P -md sha1
# copy the 'key' and put it to ENCRYPTION_SECRET

If you lose the encryption secret, you will not be able to recover the encrypted tokens.

MinIO/S3

Appmixer contains a MinIO plugin. If this plugin is turned on, Appmixer will store all user files (files created either through Appmixer flows or through the /files API) in the MinIO/S3 server.

The plugin cannot migrate existing files from MongoDB to MinIO. It has to be turned on when Appmixer is installed before the files are created. If you already have files in MongoDB and want to start using MinIO, you have to migrate the data.

To enable the plugin, add minio to the SYSTEM_PLUGINS (comma-separated list of plugins) ENV variable (this variable cannot be set dynamically through the Backoffice - System Configuration):

# Turning on the plugin
SYSTEM_PLUGINS=minio

# Required variables
MINIO_ACCESS_KEY=admin
MINIO_SECRET_KEY=secretKey
MINIO_ENDPOINT=192.168.1.8   # s3.amazonaws.com to connect to AWS S3

# Optional variables
# Default value set to 80 for HTTP and 443 for HTTPS.
MINIO_PORT=9000
# Set this value to 'true' to enable secure (HTTPS) access
MINIO_USE_SSL=true
MINIO_REGION=eu-central-1
# All files will be stored by default in the 'appmixer-files' bucket
MINIO_BUCKET_NAME=appmixer-files

If you want to use AWS S3, use the following permissions:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:ListBucketMultipartUploads",
                "s3:ListBucketVersions",
                "s3:ListBucket",
                "s3:ListMultipartUploadParts",
                "s3:DeleteObject"
            ],
            "Resource": [
                "arn:aws:s3:::appmixer-files/*",
                "arn:aws:s3:::appmixer-files"
            ]
        }
    ]
}

Forgot Password Service

Appmixer provides an API to reset forgotten passwords. This works together with the Appmixer Studio interface (not the Appmixer SDK).

In order to create a link that can be sent to the user, the Appmixer engine needs to know the frontend URL, there are two variables that can be set for that:

Without any changes, the link will be http://localhost:8080/reset-password?code={{code}}.

That link has to be then delivered to the user. There are two ways this can be done:

Webhook

You can register a system webhook that will be triggered every time a user requests to change their password. The webhook URL can be registered under the key WEBHOOK_USER_FORGOT_PASSWORD and the JSON object sent to that URL will be:

{
  "code": 'unique code generated for identifying forgot password request',
  "email": 'email address of the user',
  "userId": 'User Id',
  "created": 'date when a user requested for forgot password',
  "link": 'Link to access forgot password page on the frontend'
}

You can use Appmixer to create a simple flow, that would send emails with the reset password link.

SMTP

The other way is to configure the SMTP server, Appmixer will then send an email with the reset password link to the user's email address.

The default email body:

<p>Hi,</p>
<p>You have requested to reset your password. Please click on the link below to reset your password.</p>
<p><a href="{{link}}">Reset Password</a></p>
<p>If you are unable to click on the link, please copy and paste the following link into your browser:</p>
<p>{{link}}</p>

If the forgot password webhook is configured as explained above, the Appmixer engine will not send the email to the user and it will trigger the webhook instead.

Context Quotas

Components produce messages using the context.sendJson() function. An internal quota mechanism controls how many messages a user can produce.

This is the default configuration:

// QUOTA_CONTEXT_SEND
[
    {
        # 'user' can generate 100 messages per second (across all their flows)
        "limit": 100,
        "scope": "user",
        "windowInSeconds": 1,
        "name": "send:1s"
    },
    {
        # 'user' can generate 1000 messages per minute (across all their flows)
        "limit": 1000,
        "scope": "user",
        "windowInSeconds": 60,
        "name": "send:60s"
    },
    {
        # 'user' can generate 20000 messages per day (across all their flows)
        "limit": 20000,
        "scope": "user",
        "windowInSeconds": 86400,
        "name": "send:1d"
    }
]
// QUOTA_CONTEXT_SLOW_QUEUE
[
    {
        # 'user' can generate 100000 messages per minute (across all their flows)
        # everything that exceeds this limit will be thrown away
        "limit": 100000,
        "scope": "user",
        "windowInSeconds": 60,
        "name": "slowQueue:60s"
    },
    {
        # 'user' can generate 5000000 messages per day (across all their flows)
        # everything that exceeds this limit will be thrown away
        "limit": 5000000,
        "scope": "user",
        "windowInSeconds": 86400,
        "name": "slowQueue:1d"
    }
]

Each call to context.sendJson() increases the quota. If a limit is reached, the message is placed in a Slow Queue. Messages in the Slow Queue are processed at a much slower rate and only when sufficient resources are available. This ensures that one user’s flows do not consume excessive resources and block other users.

If you want to change the default values, you can use the Env variables QUOTA_CONTEXT_SEND and QUOTA_CONTEXT_SLOW_QUEUE, you can set them in the Backoffice.

QUOTA_CONTEXT_SEND default value, you can copy&paste this to the Backoffice and modify.

[{"limit":100,"scope":"user","windowInSeconds":1,"name":"send:1s"},{"limit":1000,"scope":"user","windowInSeconds":60,"name":"send:60s"},{"limit":20000,"scope":"user","windowInSeconds":86400,"name":"send:1d"}]

QUOTA_CONTEXT_SLOW_QUEUE default value, you can copy&paste this to the Backoffice and modify.

[{"limit":100000,"scope":"user","windowInSeconds":60,"name":"slowQueue:60s"},{"limit":5000000,"scope":"user","windowInSeconds":86400,"name":"slowQueue:1d"}]
PreviousAuthentication HubNextAppmixer Architecture

Last updated