Configurable environment variables
When creating the OPC Router containers, environment variables can be set, which are visible within the containers. These environment variables can be used to configure the OPC Router by reading them during startup.
note
These environment variables apply not only to the OPC Router Docker container but also to Windows installations. However, in Windows installations, the "OPCRouter5-Service" and "OPCRouter5-Management" services must be restarted for the changed environment variables to take effect.
General Environment Variables
| Environment variable | Description | Example value |
|---|---|---|
OR_I_ACCEPT_EULA | Setting this to true accepts the End User License Agreement. Required for application execution. | true |
INITIAL_USERNAME | Sets the name of the initial user account for Web Management. | or5 |
INITIAL_PASSWORD | Sets the password for the initial user account for Web Management. Use either this or INITIAL_PASSWORD_FILE. | Don'tUseThis,ItWouldn'tBeSafe! |
INITIAL_PASSWORD_FILE | Specifies the path to a file inside the container from which the password for the initial user account for Web Management is retrieved. Use either this or INITIAL_PASSWORD. | /inray/defaultpw |
Environment Variables for Web Management
| Environment variable | Description | Example value |
|---|---|---|
OR_WEB_HTTP_PORT | Sets the port for HTTP connections. If HTTPS is available, the port refers to the HTTPS port. (Default: 8080) | 80 |
OR_WEB_HTTPS_PORT | Sets the port for HTTPS connections. HTTPS requires a valid SSL certificate. (Default: 8443) | 443 |
OR_WEB_HTTPS_CERTIFICATE_PEM | Sets PEM-encoded SSL certificate. Use either this or OR_WEB_HTTPS_CERTIFICATE_PEM_FILE. | [PEM Certificate] |
OR_WEB_HTTPS_CERTIFICATE_PEM_FILE | Specifies the path to a PEM-encoded file inside the container from which the SSL certificate is retrieved. Use either this or OR_WEB_HTTPS_CERTIFICATE_PEM. | /inray/https.pem |
OR_WEB_HTTPS_CERTIFICATE_KEY_PEM | Sets the private key of the PEM-encoded SSL certificate. Use either this or OR_WEB_HTTPS_CERTIFICATE_KEY_PEM_FILE. | [PEM Private Key] |
OR_WEB_HTTPS_CERTIFICATE_KEY_PEM_FILE | Specifies the path to the private key of the PEM-encoded SSL certificate inside the container. Use either this or OR_WEB_HTTPS_CERTIFICATE_KEY_PEM. | /inray/https.key |
OR_ENABLE_HTTP_LOGGING | Can be set to true to enable logging of web requests. | true |
OR_WEB_DISABLE_HTTPS | Can be set to false to enable HTTPS. (Default: true) | false |
Environment Variables for Web Management Authentication
| Environment variable | Description | Example value |
|---|---|---|
INITIAL_USERNAME | Sets the name of the initial user account for Web Management. | or5 |
INITIAL_PASSWORD | Sets the password for the initial user account for Web Management. Use either this or INITIAL_PASSWORD_FILE. | Don'tUseThis,ItWouldn'tBeSecure! |
INITIAL_PASSWORD_FILE | Specifies the path to a file inside the container from which the password for the initial user account for Web Management is retrieved. Use either this or INITIAL_PASSWORD. | /inray/defaultpw |
AUTH_DB_CONNECTION_STRING | Sets the connection string for the OPC Router authentication database. Use either this or AUTH_DB_CONNECTION_STRING_FILE. | Data Source=OPCRouterWebConfig.db; |
AUTH_DB_CONNECTION_STRING_FILE | Specifies the path to a file inside the container from which the connection string to the OPC Router authentication database is retrieved. Use either this or AUTH_DB_CONNECTION_STRING. | /inray/authdbconn |
AZURE_AD_INSTANCE | Sets the Azure Active Directory instance. | https://login.microsoftonline.com/ |
AZURE_AD_DOMAIN | Sets the domain of the Azure Active Directory tenant. | contoso.onmicrosoft.com |
AZURE_AD_TENANT_ID | Sets the Azure Active Directory Tenant ID. | 123456ab-1a2b-3c45-67de-1234ab-567cd8 |
AZURE_AD_CLIENT_ID | Sets the Azure Client ID. | 11111111-1111-1111-1111-111111111111 |
AZURE_AD_CALLBACK_PATH | Sets the relative request path to which the User-Agent is redirected. (Default: /signin-oidc) | /signin-oidc |
AZURE_AD_SIGNED_OUT_CALLBACK_PATH | Sets the relative request path to which the User-Agent is redirected after logging out from the Identity Provider. See http://openid.net/specs/openid-connect-session-1_0.html#RedirectionAfterLogout. (Default: /signout-callback-oidc) | /signout-callback-oidc |
OR_DISABLE_AUTH | Disables user authentication in Web Management when set to true. | true |
OR_DISABLE_WIN_AUTH | Disables Windows user authentication in Web Management when set to true. | true |
Environment variables for licensing
| Environment variable | Description |
|---|---|
OR_LICENSE_KEY | The license key for the license |
OR_LICENSE_KEY_FILE (alternative to OR_LICENSE_KEY) | Path to a file with the license key of the license. |
OR_LICENSE_OPCROUTERID | The OPC Router ID of the license |
OR_INSTANCE_NAME | Name for the licensed system |
OR_LICENSE_IGNORE_ACTIVATION_ERROR (optional) | If this parameter is set to true, activation errors are ignored. |
OR_LICENSE_HOLDER (optional) | License holder name |
OR_LICENSE_LOCATION (optional) | System location |
OR_LICENSE_DESCRIPTION (optional) | Additional description |
Environment variables for redundancy
note
The settings are not case sensitive.
| Environment variable | Default | Description |
|---|---|---|
OR_REDUNDANCY_MODE | 0 or disabled: Redundancy is disabled1 or primary:Primary service2 or secondary: Secondary service | |
OR_REDUNDANCY_SHARED_KEY | Character sequence used for authentication of the OPC Router. This key must be the same for the primary and secondary services. An empty key is invalid and prevents the connection from being established. | |
OR_REDUNDANCY_SHARED_KEY_FILE | Alternatively, the key can also be transferred as a text file. | |
OR_REDUNDANCY_ADDRESS | Address of the primary service. This is specified in URL format (https: host name/IP address: port). The port under which the web management (the web interface of the OPC Router) can be reached must be specified as the port. Example: https://example.local:5000 | |
OR_REDUNDANCY_PRIMARY_TIMEOUT | 10 | Time in seconds after which the secondary service is considered disconnected if no heartbeat has been sent. |
OR_REDUNDANCY_SECONDARY_HEARTBEA T_INTERVAL | 5 | The interval in seconds at which the secondary service attempts to reach the primary service. Note: This value must be less than the timeout of the primary service so that the connection is not constantly considered disconnected in the primary service. |
OR_REDUNDANCY_ENABLE_PROJECT_SYNC | true | Activates project synchronisation. |
OR_REDUNDANCY_PROJECT_SYNC_ALLOW_EXPERT | true | Transferring expert settings during project transfer |
OR_REDUNDANCY_PROJECT_SYNC_PING_INTERVAL | 5 | Ping interval (in seconds) for project synchronisation. |
OR_REDUNDANCY_LOCAL_MANAGEMENT_ADDRESS | Address at which the local management can be reached by the other OPC router. |
Database Environment Variables
| Environment Variable | Description | Example Value |
|---|---|---|
OR_DATABASE_CONNECTION_STRING | Sets the connection string to establish a connection to an external MongoDB. Overrides the connection to the internal database, if present. Use either this or OR_DATABASE_CONNECTION_STRING_FILE. | mongodb://127.0.0.1:27017 |
OR_DATABASE_CONNECTION_STRING_FILE | Specifies the path to a file inside the container from which the connection string to establish a connection to an external MongoDB is retrieved. Overrides the connection to the internal database, if present. Use either this or OR_DATABASE_CONNECTION_STRING. | /inray/dbconnection |
OR_DATABASE_USERNAME | Sets the MongoDB user to be used for authentication. | root |
OR_DATABASE_PASSWORD | Sets the password of the MongoDB user to be used for authentication. Use either this or OR_DATABASE_PASSWORD_FILE. | AlsoDon'tUseThis! |
OR_DATABASE_PASSWORD_FILE | Specifies the path to a file inside the container from which the password for the MongoDB user used for authentication is retrieved. Use either this or OR_DATABASE_PASSWORD. | /inray/dbpw |
OR_DATABASE_NAME_PREFIX | Sets a name prefix for the Config, Runtime, and Status databases. | OR5 |
OR_DATABASE_CERTIFICATE_FILE | Specifies the path to a file inside the container from which the x.509 certificate for authentication with MongoDB is retrieved. | /inray/db.pem |
Environment Variables for Importing Project Files
| Environment variable | Description | Example value |
|---|---|---|
OR_IMPORT_SOURCE | Specifies the path to an OPC Router project file inside the container that should be loaded directly into the runtime during startup. | /inray/project.rpe |
OR_IMPORT_CLEAR_CONFIG | If set to true, the data in the runtime and config databases will be cleared before importing projects with OR_IMPORT_SOURCE. This will result in the loss of existing connections and plug-in configurations. | true |
OR_IMPORT_DONT_PUBLISH_CONFIG | If set to true, doesn't publish the entire config database after importing with OR_IMPORT_SOURCE. | true |
OR_IMPORT_OVERWRITE_EXISTING | If set to true, allows the import with OR_IMPORT_SOURCE to overwrite existing connections, templates and plugins, otherwise existing values are kept on conflict. | true |
OR_IMPORT_RUNTIME_CONFIGURATION_FILE | Specifies a path to a yaml configuration file describing overrides of values for plugins and settings in the runtime database to be applied after service start. | /inray/runtime_config.yaml |
Relevant ASP.NET Environment Variables
| Environment Variable | Description | Example Value |
|---|---|---|
ASPNETCORE_FORWARDEDHEADERS_ENABLED | If set to true, application header information is forwarded. This is necessary for connecting with reverse proxies. (Default: false) | true |