-
-
Notifications
You must be signed in to change notification settings - Fork 13
Configuration
Note: WIP. Please contact para in the Discord for corrections or missing information.
Here we will configure the application for our development environment.
This guide covers configurations that expose settings to the .env
file. This guide does not provide an overview for all configuration files.
- Application
- Auditing
- Broadcasting
- Cache
- Database
- Enlightn
- Filesystems
- Horizon
- Jetstream
- Logging
- Nova
- Queue
- Scout
- Secure Headers
- Services
- Session
- Telescope
These properties define basic attributes of the application. They are enumerated here.
File: config/app.php
Audits are the records of changes made to models. Audit logs are viewable from the admin panel for users with the Administrator role in the NOVA_TEAM_ID
team.
By default, this feature is enabled through the AUDITING_ENABLED
property. It can be disabled by setting this property to false
.
File: config/audit.php
These properties define the behavior of event broadcasting in the application. At the time of this writing, the application does not make use of event broadcasting, so these properties will not have an effect.
File: config/broadcasting.php
These properties define the driver-based cache store used by the application. No action is needed for the default file
cache store. Configuration for other drivers are detailed here.
File: config/cache.php
These properties define the database connection used by the application. The setup guide can be found here.
We may want to make use of a Redis database for performing functions such as cache storing and rate limiting. Follow [this]() guide to set up Redis.
File: config/database.php
Enlightn scans the application to provide actionable recommendations on improving its performance & security. There are some analyzers that are meant to be run for specific environments. There is a ENLIGHTN_SKIP_ENVIRONMENT_SPECIFIC
property to specify whether we should skip environment specific analyzers if the environment does not match. This is set to false
by default.
File: config/enlightn.php
These properties define "disks" that represent a particular storage driver and storage location. They are enumerated [here](), including setup instructions for videos
and images
disks if we want to utilize them.
File: config/filesystems.php
These properties define the behavior for the driver used to hash passwords. The property BCRYPT_ROUNDS
defines the amount of time it takes to hash a given password. By default, this is set to 10
.
File: config/hashing.php
Horizon provides a dashboard and code-driven configuration for our Redis queues. Horizon allows us to easily monitor key metrics of our queue system such as job throughput, runtime, and job failures. In our application, we authorize access to horizon through a team identified by the HORIZON_TEAM_ID
property.
Remark: Horizon is dependent on Redis and PHP extensions pcntl
and posix
which are not ported to Windows. A Linux environment and Redis are required prerequisites. Horizon can still be accessed if not properly configured. The application will still function without Horizon being properly configured. In fact, composer is configured to ignore the platform requirements that Horizon needs.
File: config/horizon.php
Jetstream is an application starter kit for Laravel that provides the implementation for login, registration, email verification, two-factor authentication, session management, API via Laravel Sanctum, and optional team management features.
By default, Jetstream creates a personal team for each user and allows every user to create new teams. In our application, we disable personal teams and only allow the user identified by the TEAM_CREATOR_ID
property to create teams. We must specify this property before we can create teams.
File: config/jetstream.php
These properties define the service that logs application messages.
LOG_CHANNEL
defines the default log channel that gets used when writing messages to the logs. By default, we set our logging to the daily
channel so that the logfile is rotated every day. The available driver list can be found here.
LOG_LEVEL
determines the minimum "level" a message must be in order to be logged by the channel. By default, we set our level to debug
so that we can see all messages. Monolog, which powers Laravel's logging services, offers all of the log levels defined in the RFC 5424 specification: emergency, alert, critical, error, warning, notice, info, and debug.
File: config/logging.php
These properties define the email services that our application uses.
By default, the MAIL_MAILER
is set to log
so that mailables are written to our log file. This way, we can inspect and respond to emails without needing to configure a external service. Additionally, we can inspect mailables in Telescope if we don't want to dig in the log file.
Configuration for other drivers are detailed here.
File: config/mail.php
Nova is a code-driven administration panel that allows us to manage our repository.
NOVA_DOMAIN_NAME
is the "domain name" associated with the application. This can be used to prevent Nova's internal routes from being registered on subdomains which do not need access to your admin application. We do not make use of subdomains in our application so we can leave this as null
.
NOVA_GUARD
defines the authentication guard that will be used to protect Nova routes. We can leave this as null
to use the default auth guard.
NOVA_PASSWORDS
defines the password broker that will be used when passwords are reset. We can leave this as null
to use the default broker.
NOVA_TEAM_ID
defines the team that we authorize access to nova through. By default, this gate is bypassed on local environments, so if we need quick access to nova for our development needs, we can leave this as null
.
File: config/nova.php
These properties configure the service that process dispatched background tasks.
By default, we set the property QUEUE_CONNECTION
to sync
so that tasks are processed synchronously without the need to configure an external service. Configuration for other drivers are detailed here.
File: config/queue.php
Scout provides a simple, driver based solution for adding full-text search to our Eloquent models. Using model observers, Scout will automatically keep search indexes in sync with our Eloquent records.
By default, we set the property SCOUT_DRIVER
to null
to disabled scout.
Follow [this]() guide to enable scout and configure supported drivers.
File: config/scout.php
These settings toggle security header features that are injected into responses from the application. These are disabled by default as they may not be applicable for local environments.
ENABLE_CLEAR_SITE_DATA
enables/disables Clear-Site-Data.
ENABLE_HSTS
enables/disables HTTP Strict Transport Security. SSL/TLS setup is a required prerequisite.
ENABLE_EXPECT_CT
enables/disables Expect_CT.
ENABLE_PERMISSIONS_POLICY
enables/disables Permissions Policy.
ENABLE_CSP
enables/disables Content Security Policy.
File: config/secure-headers.php
These properties store credentials for third party services such as Mailgun, Postmark, AWS and more. We should review this file if configuring external services.
File: config/services.php
These properties define the session store used by the application.
SESSION_DRIVER
controls the default session "driver" that will be used on requests. By default, we use the database
driver. Configuration for other drivers are detailed here.
SESSION_LIFETIME
specifies the number of minutes that we want the session to be allowed to remain idle before it expires. By default, we set this to 120
.
SESSION_CONNECTION
allows us to specify the database connection used to manage sessions. We can leave this as null
to use the default database connection. Otherwise, this value should match a configured database connection that we have defined in the database configuration file.
SESSION_STORE
defines the cache store if we are using a cache-driven driver such as memcached or redis. If we are not using a cache-driven driver, we can leave this as null
.
SESSION_DOMAIN
identifies the domain of the cookie used to identify a session. This will determine which domains the cookie is available to in the application. By default, we leave this as null
so that the application url is used.
SESSION_SECURE_COOKIE
, if enabled, will only send session cookies back to the server if the browser has a HTTPS connection. This is disabled
by default as we likely do not have this configured for a local environment.
File: config/session.php
Telescope provides insight into the requests coming into the application, exceptions, log entries, database queries, queued jobs, mail, notifications, cache operations, scheduled tasks, variable dumps, and more.
TELESCOPE_DOMAIN
is the subdomain where Telescope will be accessible from. If the setting is null, Telescope will reside under the same domain as the application. Otherwise, this value will be used as the subdomain. We can leave this as null
.
TELESCOPE_PATH
is the URI path where Telescope will be accessible from. By default, this is set to telescope
. We can change this to whatever we like.
TELESCOPE_ENABLED
is used to disable all Telescope watchers regardless of their individual configuration, which simply provides a single and convenient way to enable or disable Telescope data storage. By default, this is set to true
. We can set this to false
to disable telescope and its watchers.
TELESCOPE_DRIVER
determines the storage driver that will be used to store Telescope's data. By default, we use the database
driver for which we run migrations.
In our application, we authorize access to telescope through a team identified by the TELESCOPE_TEAM_ID
property. By default, this gate is bypassed on local environments, so if we need quick access to telescope for our development needs, we can leave this as null
.
File: config/telescope.php