Configuration
Symbols Service configuration
Gunicorn configuration:
- GUNICORN_TIMEOUT
- Parser:
str
- Default:
“300”
- Required:
No
Specifies the timeout value.
https://docs.gunicorn.org/en/stable/settings.html#timeout
Used in bin/run_web.sh.
- GUNICORN_WORKERS
- Parser:
str
- Default:
“1”
- Required:
No
Specifies the number of gunicorn workers.
You should set it to
(2 x $num_cores) + 1.https://docs.gunicorn.org/en/stable/settings.html#workers
http://docs.gunicorn.org/en/stable/design.html#how-many-workers
Used in bin/run_web.sh.
Webapp configuration:
- Configuration
Configuration summary:
Setting
Parser
Required?
bool
bool
bool
str
str
str
str
int
str
str
str
str
Yes
str
Yes
str
Yes
str
Yes
str
Yes
bool
bool
int
str
Yes
int
int
int
str
int
bool
bool
str
Yes
bool
ListOf(str)
dj_database_url.parse
Yes
int
bool
int
str
Yes
str
Yes
ListOf(str)
dict_parser
ListOf(str)
ListOf(str)
ListOf(str)
str
Yes
str
str
Configuration options:
- LOCAL_DEV_ENV
- Parser:
bool
- Default:
“false”
- Required:
No
Set to true if you’re running in a local dev environment; false otherwise
- TEST_ENV
- Parser:
bool
- Default:
“false”
- Required:
No
Set to true if you’re running tests; false otherwise.
- TOOL_ENV
- Parser:
bool
- Default:
“false”
- Required:
No
Set to true if you’re running manage.py in a tool context. For example, for collectstatic.
- SENTRY_DSN
- Parser:
str
- Default:
“”
- Required:
No
Sentry DSN or empty string
- HOSTNAME
- Parser:
str
- Default:
“socket.gethostname()”
- Required:
No
Unique identifier for the host that is running Tecken. This is used in logging and metrics. The default is socket.gethostname().
- LOGGING_DEFAULT_LEVEL
- Parser:
str
- Default:
“INFO”
- Required:
No
Default level for logging. Should be one of INFO, DEBUG, WARNING, ERROR.
- STATSD_HOST
- Parser:
str
- Default:
“localhost”
- Required:
No
statsd host.
- STATSD_PORT
- Parser:
int
- Default:
“8125”
- Required:
No
statsd port.
- STATSD_NAMESPACE
- Parser:
str
- Default:
“”
- Required:
No
Namespace for statsd keys.
- FRONTEND_ROOT
- Parser:
str
- Default:
“os.path.join(BASE_DIR, “frontend/build/”)”
- Required:
No
Root directory for frontend files like index.html
- STATIC_ROOT
- Parser:
str
- Default:
“os.path.join(BASE_DIR, “frontend/build/static/”)”
- Required:
No
Root directory for static files.
- OIDC_RP_CLIENT_ID
- Parser:
str
- Required:
Yes
OIDC RP client id.
- OIDC_RP_CLIENT_SECRET
- Parser:
str
- Required:
Yes
OIDC RP client secret.
- OIDC_OP_AUTHORIZATION_ENDPOINT
- Parser:
str
- Required:
Yes
OIDC OP authorization endpoint.
- OIDC_OP_TOKEN_ENDPOINT
- Parser:
str
- Required:
Yes
OIDC OP token endpoint.
- OIDC_OP_USER_ENDPOINT
- Parser:
str
- Required:
Yes
OIDC OP user endpoint.
- OIDC_VERIFY_SSL
- Parser:
bool
- Default:
“true”
- Required:
No
Whether or not to verify SSL. This should always be True unless in a local dev environment.
- ENABLE_TOKENS_AUTHENTICATION
- Parser:
bool
- Default:
“true”
- Required:
No
True if API token authentication is enabled; false otherwise.
- TOKENS_DEFAULT_EXPIRATION_DAYS
- Parser:
int
- Default:
“365”
- Required:
No
Default expiration in days for tokens.
- REDIS_URL
- Parser:
str
- Required:
Yes
URL for Redis.
- STORAGE_CONNECT_TIMEOUT
- Parser:
int
- Default:
“5”
- Required:
No
Object storage connection timeout in seconds.
- STORAGE_READ_TIMEOUT
- Parser:
int
- Default:
“5”
- Required:
No
Object storage read timeout in seconds.
- UPLOAD_FILE_UPLOAD_MAX_WORKERS
- Parser:
int
- Default:
“0”
- Required:
No
Upload requests can be handled in parallel in a thread pool. This setting determines the number of threads in the pool. Setting this to 0 uses the number of local CPUs as the thread pool size.
- UPLOAD_TEMPDIR
- Parser:
str
- Default:
“/tmp/uploads”
- Required:
No
The directory to use as a workspace for handling symbol uploads.
- UPLOAD_TEMPDIR_ORPHANS_CUTOFF
- Parser:
int
- Default:
“15”
- Required:
No
Time in minutes before we consider a file to have been orphaned and should be deleted.
- ALLOW_UPLOAD_BY_ANY_DOMAIN
- Parser:
bool
- Default:
“false”
- Required:
No
When doing local development, especially load testing, it’s sometimes useful to be able to bypass all URL checks for Upload by Download.
- SYNCHRONOUS_UPLOAD_FILE_UPLOAD
- Parser:
bool
- Default:
“false”
- Required:
No
This is only really meant for the sake of being overrideable by other setting classes; in particular when running tests.
- SECRET_KEY
- Parser:
str
- Required:
Yes
Django’s secret key for signing things.
- DEBUG
- Parser:
bool
- Default:
“false”
- Required:
No
Whether or not to enable debug mode. Don’t set this to True in server environments
- ALLOWED_HOSTS
- Parser:
ListOf(str)
- Default:
“”
- Required:
No
Comma-delimited list of strings of host/domain names for this site.
- DATABASE_URL
- Parser:
dj_database_url.parse
- Required:
Yes
The database_url to use. This gets parsed into DATABASES configuration.
- CONN_MAX_AGE
- Parser:
int
- Default:
“60”
- Required:
No
Maximum age in minutes for connections.
- CONN_HEALTH_CHECKS
- Parser:
bool
- Default:
“true”
- Required:
No
Existing persistent database connections will be health checked before they are reused in each request performing database access.
- SESSION_COOKIE_AGE
- Parser:
int
- Default:
“str(60 * 60 * 24 * 365)”
- Required:
No
Age in seconds for cookies. Keep it quite short because we don’t have a practical way to do OIDC ID token renewal for this AJAX and curl heavy app.
- UPLOAD_GCS_BUCKET
- Parser:
str
- Required:
Yes
The GCS bucket name for uploads and downloads.
- UPLOAD_GCS_PUBLIC_URL
- Parser:
str
- Required:
Yes
The base URL for downloading files from the upload bucket.
- COMPRESS_EXTENSIONS
- Parser:
ListOf(str)
- Default:
“sym”
- Required:
No
During upload, for each file in the archive, if the extension matches this list, the file gets gzip compressed before uploading.
- MIME_OVERRIDES
- Parser:
dict_parser
- Default:
“{“sym”:”text/plain”}”
- Required:
No
For specific file uploads, override the mimetype.
For .sym files, for example, if the object storage knows them as ‘text/plain’ they become really handy to open in a browser and view directly.
- DISALLOWED_SYMBOLS_SNIPPETS
- Parser:
ListOf(str)
- Default:
“qcom/proprietary”
- Required:
No
Individual strings that can’t be allowed in any of the lines in the content of a symbols archive file.
- ALLOW_UPLOAD_BY_DOWNLOAD_DOMAINS
- Parser:
ListOf(str)
- Default:
“”,”.join( [ “queue.taskcluster.net”, “firefox-ci-tc.services.mozilla.com”, “stage.taskcluster.nonprod.cloudops.mozgcp.net”, “tecken-system-tests.symbols.nonprod.webservices.mozgcp.net”, ] )”
- Required:
No
When you “upload by download”, the URL’s domain needs to be in this allow list. This is to double-check that we don’t allow downloads from domains we don’t fully trust.
- DOWNLOAD_FILE_EXTENSIONS_ALLOWED
- Parser:
ListOf(str)
- Default:
“.sym,.dl_,.ex_,.pd_,.dbg.gz,.tar.bz2”
- Required:
No
A list of file extensions that if a file is NOT one of these extensions we can immediately return 404 and not bother to process for anything else.
It’s case sensitive and has to be lower case. As a way to get marginal optimization of this, make sure ‘.sym’ is first in the list since it’s the most common.
- CLIENT_OTEL_GCP_PROJECT
- Parser:
str
- Required:
Yes
The destination GCP project the upload-symbols CLI tool submits telemetry to.
- CLIENT_OTEL_GCP_REGION
- Parser:
str
- Default:
“us-west1”
- Required:
No
The GCP region for metrics submitted by clients.
- CLIENT_OTEL_LOG_LEVEL
- Parser:
str
- Default:
“info”
- Required:
No
The telemetry verbosity of the upload-symbols CLI tool.