Skip to content
GitHub

Frontend service

Rafiki’s frontend service provides an optional internal admin interface, called the Rafiki Admin application, for you to manage your Rafiki instance through a Remix web app. This service communicates with the Backend Admin API to facilitate administrative tasks within Rafiki.

Requirements

The following are required when using the frontend service:

  • A Rafiki backend service up and running to access the Backend Admin API.
  • An identity provider for authentication and user management. Out of the box, the Rafiki Admin application uses Ory Kratos, a secure and fully open-source identity management solution.

You must also set the environment variables for the frontend service.

Rafiki Admin settings

While the frontend service is not required to run a Rafiki instance, it is highly recommended. A number of administrative tasks could be performed programmatically via the Backend Admin API, but the frontend service makes these functions available through a user-friendly interface.

Environment variables

Required

VariableHelm value nameDefaultDescription
GRAPHQL_URLfrontend.serviceUrls.GRAPHQL_URLundefinedURL for Rafiki’s GraphQL Auth Admin API
OPEN_PAYMENTS_URLfrontend.serviceUrls.OPEN_PAYMENTS_URLundefinedYour Open Payments API endpoint
PORTfrontend.portundefinedPort from which to host the Rafiki Remix app

Conditionally required

The following variables are required only when AUTH_ENABLED is set to true.

VariableHelm value nameDefaultDescription
KRATOS_ADMIN_URLfrontend.kratos.adminUrlundefinedThe admin endpoint/container address for Kratos
KRATOS_CONTAINER_PUBLIC_URLfrontend.kratos.containerPublicUrlundefinedThe URL for you to access the Kratos Docker container from within the Docker network. This is used for backend calls to Kratos.
KRATOS_BROWSER_PUBLIC_URLfrontend.kratos.browserPublicUrlundefinedThe URL for you to access the Kratos Docker container from a browser outside of the Docker network. This is used for calls from a browser (what you see in the Rafiki Admin UI) to the Kratos server on the backend.

Optional

VariableHelm value nameDefaultDescription
AUTH_ENABLEDfrontend.authEnabledtrueWhen true, only authenticated users can be granted access to Rafiki Admin by an administrator
SIGNATURE_SECRETfrontend.quoteSignatureSecretundefinedThe signature secret used to authenticate requests to the Backend Admin API.
SIGNATURE_VERSIONfrontend.signatureVersion1The signature version number used to authenticate requests to the Backend Admin API.
ENABLE_INSECURE_MESSAGE_COOKIEfrontend.enableInsecureMessageCookietrueWhen set to true, t, or 1, cookie will be transmitted over insecure HTTP connection. Insecure message cookies are required for flash messages to work over HTTP.
NODE_ENVfrontend.nodeEnvproductionThe type of node environment: development, test, or production.
LOG_LEVELfrontend.logLevelinfoPino log level