SSE (Server-Sent Events) Configuration

Table of Contents

Introduction
Default Values
The Log Service Ecosystem
Subscribing
Event Bus Configuration
Configuration
- Environment Variables
- YAML Example

Introduction

The Infinite Scale sse service is responsible for sending sse (server-sent events) to a user. See What is Server-Sent Events…? for a simple introduction and examples of server-sent events.

Default Values

The sse service listens on port 9135 by default.

The Log Service Ecosystem

Log services like the userlog, clientlog and sse are responsible for composing notifications for a certain audience.

Log services and their tasks
userlog	This service translates and adjusts messages to be human-readable.
clientlog	This service composes machine-readable messages, so clients can act without the need to query the server.
sse	This service is only responsible for sending these messages. It does not care about their form or language.

Log services and their tasks

userlog

This service translates and adjusts messages to be human-readable.

clientlog

This service composes machine-readable messages, so clients can act without the need to query the server.

sse

This service is only responsible for sending these messages. It does not care about their form or language.

Subscribing

Clients can subscribe to the /sse endpoint to be informed by the server when an event happens. The sse endpoint will respect language changes of the user without needing to reconnect. Note that sse has a limitation of six open connections per browser which can be reached if one has opened various tabs of the Web UI pointing to the same Infinite Scale instance.

Event Bus Configuration

The Infinite Scale event bus can be configured by a set of environment variables.

If you are using a binary installation as described in Binary Setup or Bare Metal with systemd, the address of the event bus OCIS_EVENTS_ENDPOINT is predefined as localhost address without the need for further configuration, but changable on demand.
In case of an orchestrated installation like with Docker or Kubernetes, the event bus must be an external service for scalability like a Redis Sentinel cluster or a key-value-store NATS JetStream. Both named stores are supported and also used in Caching and Persistence. The store used is not part of the Infinite Scale installation and must be separately provided and configured.
Note that from a configuration point of view, caching and persistence are independent of the event bus configuration.

Note that for each global environment variable, a service-based one might be available additionally. For precedences see Environment Variable Notes. Check the configuration section below.

Without the aim of completeness, see the list of environment variables to configure the event bus:

Envvar Description

Envvar	Description
`OCIS_EVENTS_ENDPOINT`	The address of the event system.
`OCIS_EVENTS_CLUSTER`	The clusterID of the event system. Mandatory when using NATS as event system.
`OCIS_EVENTS_ENABLE_TLS`	Enable TLS for the connection to the events broker.
`OCIS_INSECURE`	Whether to verify the server TLS certificates.
`OCIS_EVENTS_AUTH_USERNAME`	The username to authenticate with the events broker.
`OCIS_EVENTS_AUTH_PASSWORD`	The password to authenticate with the events broker.

OCIS_EVENTS_ENDPOINT

The address of the event system.

OCIS_EVENTS_CLUSTER

The clusterID of the event system. Mandatory when using NATS as event system.

OCIS_EVENTS_ENABLE_TLS

Enable TLS for the connection to the events broker.

OCIS_INSECURE

Whether to verify the server TLS certificates.

OCIS_EVENTS_AUTH_USERNAME

The username to authenticate with the events broker.

OCIS_EVENTS_AUTH_PASSWORD

The password to authenticate with the events broker.

Configuration

Environment Variables

The sse service is configured via the following environment variables. Read the Environment Variable Types documentation for important details.

master

Environment variables for the sse service
Name	Type	Default Value	Description
`OCIS_LOG_LEVEL` `SSE_LOG_LEVEL`	string		The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.
`OCIS_LOG_PRETTY` `SSE_LOG_PRETTY`	bool	false	Activates pretty log output.
`OCIS_LOG_COLOR` `SSE_LOG_COLOR`	bool	false	Activates colorized log output.
`OCIS_LOG_FILE` `SSE_LOG_FILE`	string		The path to the log file. Activates logging to this file if set.
`SSE_DEBUG_ADDR`	string	127.0.0.1:9135	Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.
`SSE_DEBUG_TOKEN`	string		Token to secure the metrics endpoint.
`SSE_DEBUG_PPROF`	bool	false	Enables pprof, which can be used for profiling.
`SSE_DEBUG_ZPAGES`	bool	false	Enables zpages, which can be used for collecting and viewing in-memory traces.
`OCIS_TRACING_ENABLED` `SSE_TRACING_ENABLED`	bool	false	Activates tracing.
`OCIS_TRACING_TYPE` `SSE_TRACING_TYPE`	string		The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now.
`OCIS_TRACING_ENDPOINT` `SSE_TRACING_ENDPOINT`	string		The endpoint of the tracing agent.
`OCIS_TRACING_COLLECTOR` `SSE_TRACING_COLLECTOR`	string		The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset.
`OCIS_EVENTS_ENDPOINT` `SSE_EVENTS_ENDPOINT`	string	127.0.0.1:9233	The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.
`OCIS_EVENTS_CLUSTER` `SSE_EVENTS_CLUSTER`	string	ocis-cluster	The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.
`OCIS_INSECURE` `SSE_EVENTS_TLS_INSECURE`	bool	false	Whether to verify the server TLS certificates.
`OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE` `SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE`	string		The root CA certificate used to validate the server’s TLS certificate. If provided SSE_EVENTS_TLS_INSECURE will be seen as false.
`OCIS_EVENTS_ENABLE_TLS` `SSE_EVENTS_ENABLE_TLS`	bool	false	Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services.
`OCIS_EVENTS_AUTH_USERNAME` `SSE_EVENTS_AUTH_USERNAME`	string		The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.
`OCIS_EVENTS_AUTH_PASSWORD` `SSE_EVENTS_AUTH_PASSWORD`	string		The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.
`SSE_HTTP_ADDR`	string	127.0.0.1:0	The bind address of the HTTP service.
`SSE_HTTP_ROOT`	string	/	Subdirectory that serves as the root for this HTTP service.
`OCIS_CORS_ALLOW_ORIGINS` `SSE_CORS_ALLOW_ORIGINS`	[]string	[*]	A list of allowed CORS origins. See following chapter for more details: Access-Control-Allow-Origin at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.
`OCIS_CORS_ALLOW_METHODS` `SSE_CORS_ALLOW_METHODS`	[]string	[GET]	A list of allowed CORS methods. See following chapter for more details: Access-Control-Request-Method at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.
`OCIS_CORS_ALLOW_HEADERS` `SSE_CORS_ALLOW_HEADERS`	[]string	[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Ocs-Apirequest]	A list of allowed CORS headers. See following chapter for more details: Access-Control-Request-Headers at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.
`OCIS_CORS_ALLOW_CREDENTIALS` `SSE_CORS_ALLOW_CREDENTIALS`	bool	true	Allow credentials for CORS.See following chapter for more details: Access-Control-Allow-Credentials at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.
`OCIS_HTTP_TLS_ENABLED`	bool	false	Activates TLS for the http based services using the server certifcate and key configured via OCIS_HTTP_TLS_CERTIFICATE and OCIS_HTTP_TLS_KEY. If OCIS_HTTP_TLS_CERTIFICATE is not set a temporary server certificate is generated - to be used with PROXY_INSECURE_BACKEND=true.
`OCIS_HTTP_TLS_CERTIFICATE`	string		Path/File name of the TLS server certificate (in PEM format) for the http services.
`OCIS_HTTP_TLS_KEY`	string		Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the http services.
`OCIS_JWT_SECRET` `SSE_JWT_SECRET`	string		The secret to mint and validate jwt tokens.

YAML Example

Note that the filename shown below has been chosen on purpose.
See the Configuration File Naming for details when setting up your own configuration.
See the Notes for Environment Variables if you want to use environment variables in the yaml file.

master

# Autogenerated
# Filename: sse-config-example.yaml

log:
  level: ""
  pretty: false
  color: false
  file: ""
debug:
  addr: 127.0.0.1:9135
  token: ""
  pprof: false
  zpages: false
tracing:
  enabled: false
  type: ""
  endpoint: ""
  collector: ""
events:
  endpoint: 127.0.0.1:9233
  cluster: ocis-cluster
  tls_insecure: false
  tls_root_ca_certificate: ""
  enable_tls: false
  username: ""
  password: ""
http:
  addr: 127.0.0.1:0
  root: /
  cors:
    allow_origins:
    - '*'
    allow_methods:
    - GET
    allow_headers:
    - Authorization
    - Origin
    - Content-Type
    - Accept
    - X-Requested-With
    - X-Request-Id
    - Ocs-Apirequest
    allow_credentials: true
  tls:
    enabled: false
    cert: ""
    key: ""
token_manager:
  jwt_secret: ""