Skip to content

Configuration

paranarimasu edited this page Apr 9, 2021 · 38 revisions

Note: WIP. Please contact para in the Discord for corrections or missing information.


Here we will configure the application for our development environment.

This guide covers configurations that expose settings to the .env file. This guide does not provide an overview for all configuration files.

Application

These properties define basic attributes of the application. They are enumerated here.

File: config/app.php

Auditing

Audits are the records of changes made to models. Audit logs are viewable from the admin panel for users with the Administrator role in the NOVA_TEAM_ID team.

By default, this feature is enabled through the AUDITING_ENABLED property. It can be disabled by setting this property to false.

File: config/audit.php

Broadcasting

These properties define the behavior of event broadcasting in the application. At the time of this writing, the application does not make use of event broadcasting, so these properties will not have an effect.

File: config/broadcasting.php

Cache

These properties define the driver-based cache store used by the application. No action is needed for the default file cache store. Configuration for other drivers are detailed here.

File: config/cache.php

Database

These properties define the database connection used by the application. The setup guide can be found here.

We may want to make use of a Redis database for performing functions such as cache storing and rate limiting. Follow this guide to set up Redis.

REDIS_CLIENT defines the client that the application uses to interface with Redis. We recommend using predis for development environments and phpredis for staging and production environments.

REDIS_CLUSTER defines the name of the cluster we are using if configured. We do not configure clusters at this time, so this can be left to the default value redis.

REDIS_URL can be used to identify the name, host and port all-in-one. By default, we do not use this option and leave it as null.

REDIS_HOST defines the host of our Redis database. By default, we assume that Redis is running on the same machine.

REDIS_PASSWORD defines the password of our Redis database. By default, we do not assume that a password has been set. Please ensure that you set this value if you define a password for your database.

REDIS_PORT defines the port that the database runs on. By default, this port is 6379.

REDIS_SCHEME defines the URI used for the database connection. By default, we use the tcp scheme. We may optimize our connection in Linux environments if the database is running on the same machine by using sockets, in which case this property should be set to unix and the client property should be set to phpredis.

File: config/database.php

Enlightn

Enlightn scans the application to provide actionable recommendations on improving its performance & security. There are some analyzers that are meant to be run for specific environments. There is a ENLIGHTN_SKIP_ENVIRONMENT_SPECIFIC property to specify whether we should skip environment specific analyzers if the environment does not match. This is set to false by default.

File: config/enlightn.php

Filesystems

These properties define "disks" that represent a particular storage driver and storage location. Configuration for drivers are detailed here.

We define an images disk and a videos disk in our application. These filesystems host our images and videos for streaming purposes. The guide to configure these filesystems can be found [here]().

File: config/filesystems.php

Hashing

These properties define the behavior for the driver used to hash passwords. The property BCRYPT_ROUNDS defines the amount of time it takes to hash a given password. By default, this is set to 10.

File: config/hashing.php

Horizon

Horizon provides a dashboard and code-driven configuration for our Redis queues. Horizon allows us to easily monitor key metrics of our queue system such as job throughput, runtime, and job failures. In our application, we authorize access to horizon through a team identified by the HORIZON_TEAM_ID property.

Remark: Horizon is dependent on Redis and PHP extensions pcntl and posix which are not ported to Windows. A Linux environment and Redis are required prerequisites. Horizon can still be accessed if not properly configured. The application will still function without Horizon being properly configured. In fact, composer is configured to ignore the platform requirements that Horizon needs.

File: config/horizon.php

Jetstream

Jetstream is an application starter kit for Laravel that provides the implementation for login, registration, email verification, two-factor authentication, session management, API via Laravel Sanctum, and optional team management features.

By default, Jetstream creates a personal team for each user and allows every user to create new teams. In our application, we disable personal teams and only allow the user identified by the TEAM_CREATOR_ID property to create teams. We must specify this property before we can create teams.

File: config/jetstream.php

Logging

These properties define the service that logs application messages.

LOG_CHANNEL defines the default log channel that gets used when writing messages to the logs. By default, we set our logging to the daily channel so that the logfile is rotated every day. The available driver list can be found here.

LOG_LEVEL determines the minimum "level" a message must be in order to be logged by the channel. By default, we set our level to debug so that we can see all messages. Monolog, which powers Laravel's logging services, offers all of the log levels defined in the RFC 5424 specification: emergency, alert, critical, error, warning, notice, info, and debug.

File: config/logging.php

Mail

These properties define the email services that our application uses.

By default, the MAIL_MAILER is set to log so that mailables are written to our log file. This way, we can inspect and respond to emails without needing to configure a external service. Additionally, we can inspect mailables in Telescope if we don't want to dig in the log file.

Configuration for other drivers are detailed here.

File: config/mail.php

Nova

Nova is a code-driven administration panel that allows us to manage our repository.

NOVA_DOMAIN_NAME is the "domain name" associated with the application. This can be used to prevent Nova's internal routes from being registered on subdomains which do not need access to your admin application. We do not make use of subdomains in our application so we can leave this as null.

NOVA_GUARD defines the authentication guard that will be used to protect Nova routes. We can leave this as null to use the default auth guard.

NOVA_PASSWORDS defines the password broker that will be used when passwords are reset. We can leave this as null to use the default broker.

NOVA_TEAM_ID defines the team that we authorize access to nova through. By default, this gate is bypassed on local environments, so if we need quick access to nova for our development needs, we can leave this as null.

File: config/nova.php

Queue

These properties configure the service that process dispatched background tasks.

By default, we set the property QUEUE_CONNECTION to sync so that tasks are processed synchronously without the need to configure an external service. Configuration for other drivers are detailed here.

File: config/queue.php

Scout

Scout provides a simple, driver based solution for adding full-text search to our Eloquent models. Using model observers, Scout will automatically keep search indexes in sync with our Eloquent records.

By default, we set the property SCOUT_DRIVER to null to disable scout.

At the time of this writing, we support an Elasticsearch driver to interface with an Elasticsearch engine and its indices and documents. Follow [this]() guide to configure Elasticsearch.

File: config/scout.php

Secure Headers

These settings toggle security header features that are injected into responses from the application. These are disabled by default as they may not be applicable for local environments.

ENABLE_CLEAR_SITE_DATA enables/disables Clear-Site-Data.

ENABLE_HSTS enables/disables HTTP Strict Transport Security. SSL/TLS setup is a required prerequisite.

ENABLE_EXPECT_CT enables/disables Expect_CT.

ENABLE_PERMISSIONS_POLICY enables/disables Permissions Policy.

ENABLE_CSP enables/disables Content Security Policy.

File: config/secure-headers.php

Services

These properties store credentials for third party services such as Mailgun, Postmark, AWS and more. We should review this file if configuring external services.

File: config/services.php

Session

These properties define the session store used by the application.

SESSION_DRIVER controls the default session "driver" that will be used on requests. By default, we use the database driver. Configuration for other drivers are detailed here.

SESSION_LIFETIME specifies the number of minutes that we want the session to be allowed to remain idle before it expires. By default, we set this to 120.

SESSION_CONNECTION allows us to specify the database connection used to manage sessions. We can leave this as null to use the default database connection. Otherwise, this value should match a configured database connection that we have defined in the database configuration file.

SESSION_STORE defines the cache store if we are using a cache-driven driver such as memcached or redis. If we are not using a cache-driven driver, we can leave this as null.

SESSION_DOMAIN identifies the domain of the cookie used to identify a session. This will determine which domains the cookie is available to in the application. By default, we leave this as null so that the application url is used.

SESSION_SECURE_COOKIE, if enabled, will only send session cookies back to the server if the browser has a HTTPS connection. This is disabled by default as we likely do not have this configured for a local environment.

File: config/session.php

Telescope

Telescope provides insight into the requests coming into the application, exceptions, log entries, database queries, queued jobs, mail, notifications, cache operations, scheduled tasks, variable dumps, and more.

TELESCOPE_DOMAIN is the subdomain where Telescope will be accessible from. If the setting is null, Telescope will reside under the same domain as the application. Otherwise, this value will be used as the subdomain. We can leave this as null.

TELESCOPE_PATH is the URI path where Telescope will be accessible from. By default, this is set to telescope. We can change this to whatever we like.

TELESCOPE_ENABLED is used to disable all Telescope watchers regardless of their individual configuration, which simply provides a single and convenient way to enable or disable Telescope data storage. By default, this is set to true. We can set this to false to disable telescope and its watchers.

TELESCOPE_DRIVER determines the storage driver that will be used to store Telescope's data. By default, we use the database driver for which we run migrations.

In our application, we authorize access to telescope through a team identified by the TELESCOPE_TEAM_ID property. By default, this gate is bypassed on local environments, so if we need quick access to telescope for our development needs, we can leave this as null.

File: config/telescope.php