Configuration
Basic Options
Base configuration options are set in the .env configuration file in the deployment.
Make sure to generate secure random passwords whenever required.
| Option | Default | Description |
|---|---|---|
LF_VERSION | Latest | LatticeFlow AI GO! version to deploy. |
LF_APP_PORT | 5005 | Port on which LatticeFlow AI GO! is served. |
LF_KEYCLOAK_PORT | 8080 | Port on which Keycloak IAM is served. |
LF_DB_PASSWORD | Password for the database owner. This is the password that that will be used to configure the DB on the initial setup or during upgrades. Most other operations to the DB will use a tenant user (created by the application) which authenticates with LB_DB_TENANT_PASSWORD for security reasons. | |
LF_DB_TENANT_PASSWORD | Password for the tenant DB user. | |
MINIO_ROOT_PASSWORD | Password for the root user of the Minio service. | |
LF_S3_CLIENT_ACCESS_KEY_ID | The ID of the access key to S3. | |
LF_S3_CLIENT_SECRET_KEY | The secret key to S3. |
Advanced Options
Application
Option | Default | Description |
|---|---|---|
|
| Flag for enabling/disabling error monitoring. Error monitoring does not leak any PII. LatticeFlow uses |
|
| Redis is used as a asynchronous job queue broker. Option to configure job queue broker to use an external Redis database. Example for connecting to external Redis using secure rediss protocol: |
|
| Set to |
Authentication
The core AI assessment and the user authentication are separate services exposed through separate ports. These can be set by the options LF_ASSESSMENT_PORT and LF_KEYCLOAK_PORT, respectively. Both ports need to be accessible by the end-user. When a user attempts to login, they are redirected from the core service to the authentication service. For this to work, the core service needs to know the address on which the authentication service is exposed to end users. Use the following options to configure this.
Option | Default | Description |
|---|---|---|
|
| Set this option to NOTE: This is a security hazard as it exposes authentication details on the network. |
| 8080 | The port on which the authentication service is exposed to the end user. Set this option when the authentication service is accessed on the same HTTP host as the core AI service. If you have configured the authentication service to run on a different HTTP host, leave this option unset. |
|
| The URL on which the core service will communicate with the authentication service. Typically, both services are deployed in a their own network and exposed to the outside world. In this case the communication is done through this network and this option should not be changed. Change the option if the authentication service is reachable by the core service on a non-standard address. |
PostgreSQL Database
PostgreSQL options are controlled by the environment variables listed in the table below.
Option | Default | Description |
|---|---|---|
|
| Username for Root user. |
| See template. | Password for root user |
|
| Database name in PostgreSQL. If not provided, it equals |
|
| Host address for PostgreSQL. By default, PostgreSQL is hosted at: |
| 5432 | Port for PostgreSQL. Adapt if connecting to an external PostgreSQL database. |
|
| Non-root user name. |
| See template. | Non-root user password. |
S3 Object Storage
LatticeFlow AI GO! uses S3-compatible object storage, by default it is shipped with MiniO, but is fully compatible with AWS S3.
| Option | Default | Description |
|---|---|---|
LF_S3_CLIENT_URL | http://latticeflow-assessment-minio:9000 | S3 client URL. |
LF_S3_CLIENT_ACCESS_KEY_ID | See template. | S3 client access key ID. |
LF_S3_CLIENT_SECRET_KEY | See template. | S3 client secret key. |
LF_S3_CLIENT_BUCKET | latticeflow | S3 bucket name that contains all of the application object data. |