Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.configu.com/llms.txt

Use this file to discover all available pages before exploring further.

Configuring Configu Proxy

You can configure the Configu Proxy server using environment variables. The following environment variables are available:
CONFIGU_CONFIG
string
required
The (absolute) file path of the .configu configuration file. CONFIGU_CONFIGURATION can also be used.
CONFIGU_HTTP_PORT
number
default:"8080"
The host port to serve the HTTP server on.
CONFIGU_HTTP_TLS_ENABLED
boolean
default:"false"
Enables or disables transport layer security (TLS). - The CONFIGU_HTTP_TLS_CERT and CONFIGU_HTTP_TLS_KEY environment variables are required when CONFIGU_HTTP_TLS_ENABLED is set to true.
CONFIGU_HTTP_TLS_CERT
string
The (absolute) file path of the certificate to use for the TLS connection.
CONFIGU_HTTP_TLS_KEY
string
The (absolute) file path of the TLS key that should be used for the TLS connection.
CONFIGU_AUTH_ENABLED
boolean
default:"false"
Enables or disables the authentication mechanism. - The CONFIGU_AUTH_PRESHARED_KEYS environment variable is required when CONFIGU_AUTH_ENABLED is set to true.
CONFIGU_AUTH_PRESHARED_KEYS
string
Comma-separated list of pre-shared keys that are allowed to make requests to the server.
CONFIGU_PUBLIC_URL
string
default:"http://localhost:8080"
The public URL of the server.
CONFIGU_HTTP_ALLOWED_ORIGINS
string
default:"*"
Comma-separated list of origins that are allowed to make requests to the server.
CONFIGU_HTTP_TRUST_PROXY
boolean
default:"false"
Enables or disables the trust proxy setting.
CONFIGU_LOG_ENABLED
boolean
default:"true"
Enables or disables request logging.
CONFIGU_DOCS_ENABLED
boolean
default:"true"
Enables or disables the API reference documentation route at /docs.

Production Best Practices

For production environments, it is recommended to:
  • Enable authentication using pre-shared keys. CONFIGU_AUTH_ENABLED=true and CONFIGU_AUTH_PRESHARED_KEYS=key1,key2.
  • Disable request logging. CONFIGU_LOG_ENABLED=false.
  • Disable the API reference documentation route at /docs. CONFIGU_DOCS_ENABLED=false.
  • Enable transport layer security (TLS) and use a valid certificate from a trusted certificate authority (CA). CONFIGU_HTTP_TLS_ENABLED=true, CONFIGU_HTTP_TLS_CERT=/path/to/cert.pem, and CONFIGU_HTTP_TLS_KEY=/path/to/key.pem.
  • Use a reverse proxy like Nginx, Caddy, Traefik or HAProxy to handle TLS termination and load balancing. CONFIGU_HTTP_TRUST_PROXY=true.

Generating a Self-Signed Certificate

For development purposes, you can generate a self-signed certificate Using OpenSSL: 
openssl req -x509 -newkey rsa:4096 -nodes -sha256 -subj '/CN=localhost' -keyout server.key -out server.crt
Using mkcert: 
mkcert --install
mkcert -key-file server.key -cert-file server.crt localhost

Running Configu Proxy

Using Docker

You can run the Configu Proxy server using Docker. The following command starts the server: 
docker run --rm --init \
  -v /path/to/.configu:/config/.configu \
  -e CONFIGU_CONFIG=/config/.configu \
  -p 8080:8080 \
  configu/proxy
Replace /path/to/.configu with the path to your .configu configuration file. Here is an example configuration for running the Configu Proxy server on different port with authentication and TLS enabled: 
docker run --rm --init \
  -v /path/to/.configu:/config/.configu \
  -v /path/to/certs:/config/certs \
  -e CONFIGU_HTTP_PORT=3000 \
  -e CONFIGU_AUTH_ENABLED=true -e CONFIGU_AUTH_PRESHARED_KEYS=token \
  -e CONFIGU_HTTP_TLS_ENABLED=true -e CONFIGU_HTTP_TLS_CERT=/config/certs/localhost.pem -e CONFIGU_HTTP_TLS_KEY=/config/certs/localhost-key.pem \
  -e CONFIGU_CONFIG=/config/.configu \
  -p 3000:3000 \
  configu/proxy
Replace /path/to/.configu with the path to your .configu configuration file and /path/to/certs with the path to your certificate and key files.

Using Docker Compose

You can use Docker Compose to run the Configu Proxy server. Here is an example configuration:
docker-compose.yml
version: '3'
services:
  configu-proxy:
    image: configu/proxy:latest
    ports:
      - '8080:8080'
    volumes:
      - /path/to/.configu:/config/.configu
    environment:
      CONFIGU_CONFIG: '/config/.configu'
Replace /path/to/.configu with the path to your .configu configuration file. Run the following command to start the server: 
docker-compose up

Using Kubernetes

You can deploy the Configu Proxy server on Kubernetes using a Deployment and a Service. Here is an example configuration:
configu-proxy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: configu-proxy
spec:
  replicas: 1
  selector:
    matchLabels:
      app: configu-proxy
  template:
    metadata:
      labels:
        app: configu-proxy
    spec:
      containers:
        - name: configu-proxy
          image: configu/proxy
          ports:
            - containerPort: 8080
          volumeMounts:
            - name: configu-config
              mountPath: /config
              readOnly: true
          env:
            - name: CONFIGU_CONFIG
              value: '/config/.configu'
          volumes:
            - name: configu-config
              configMap:
                name: configu-config
---
apiVersion: v1
kind: Service
metadata:
  name: configu-proxy
spec:
  type: LoadBalancer
  ports:
    - port: 443
      targetPort: 8080
      protocol: TCP
  selector:
    app: configu-proxy
Create a ConfigMap with your .configu configuration file: 
kubectl create configmap configu-config --from-file=/path/to/.configu
Replace /path/to/.configu with the path to your .configu configuration file. Apply the configuration: 
kubectl apply -f configu-proxy.yaml
Verify the deployment: 
kubectl get pods -l app=configu-proxy
kubectl get svc -l app=configu-proxy

Using Helm

This section is under construction and will be ready soon. Thanks for your patience! 🚧