Frontend service
Rafiki’s frontend
service provides an optional internal admin interface, called the Rafiki Admin application, for you to manage your Rafiki instance through a Remix web app. This service communicates with the Backend Admin API to facilitate administrative tasks within Rafiki.
Requirements
The following are required when using the frontend
service:
- A Rafiki
backend
service up and running to access the Backend Admin API. - An identity provider for authentication and user management. Out of the box, the Rafiki Admin application uses Ory Kratos, a secure and fully open-source identity management solution.
You must also set the environment variables for the frontend
service.
Rafiki Admin settings
While the frontend
service is not required to run a Rafiki instance, it is highly recommended. A number of administrative tasks could be performed programmatically via the Backend Admin API, but the frontend
service makes these functions available through a user-friendly interface.
Environment variables
Required
Variable | Helm value name | Default | Description |
---|---|---|---|
GRAPHQL_URL | frontend.serviceUrls.GRAPHQL_URL | undefined | URL for Rafiki’s GraphQL Auth Admin API |
OPEN_PAYMENTS_URL | frontend.serviceUrls.OPEN_PAYMENTS_URL | undefined | Your Open Payments API endpoint |
PORT | frontend.port | undefined | Port from which to host the Rafiki Remix app |
Conditionally required
The following variables are required only when AUTH_ENABLED
is set to true
.
Variable | Helm value name | Default | Description |
---|---|---|---|
KRATOS_ADMIN_URL | frontend.kratos.adminUrl | undefined | The admin endpoint/container address for Kratos |
KRATOS_CONTAINER_PUBLIC_URL | frontend.kratos.containerPublicUrl | undefined | The URL for you to access the Kratos Docker container from within the Docker network. This is used for backend calls to Kratos. |
KRATOS_BROWSER_PUBLIC_URL | frontend.kratos.browserPublicUrl | undefined | The URL for you to access the Kratos Docker container from a browser outside of the Docker network. This is used for calls from a browser (what you see in the Rafiki Admin UI) to the Kratos server on the backend. |
Optional
Variable | Helm value name | Default | Description |
---|---|---|---|
AUTH_ENABLED | frontend.authEnabled | true | When true , only authenticated users can be granted access to Rafiki Admin by an administrator |
SIGNATURE_SECRET | frontend.quoteSignatureSecret | undefined | The signature secret used to authenticate requests to the Backend Admin API. |
SIGNATURE_VERSION | frontend.signatureVersion | 1 | The signature version number used to authenticate requests to the Backend Admin API. |
ENABLE_INSECURE_MESSAGE_COOKIE | frontend.enableInsecureMessageCookie | true | When set to true , t , or 1 , cookie will be transmitted over insecure HTTP connection. Insecure message cookies are required for flash messages to work over HTTP. |
NODE_ENV | frontend.nodeEnv | production | The type of node environment: development , test , or production . |
LOG_LEVEL | frontend.logLevel | info | Pino log level |