Environment variables¶
All runtime configuration is provided through environment variables in the .env file at the root
of the repository. Copy .env.example as a starting point:
cp .env.example .env
Frontend build arguments¶
These are injected at build time by Vite and baked into the static bundle. Changing them requires a rebuild.
Variable |
Default |
Description |
|---|---|---|
|
|
URL of the WEISS repository used for build (production build will always build from source!). |
|
|
Application version checked out in build time and shown in the UI. |
|
|
When |
EPICS settings¶
Consumed by the weiss-epicsws service.
Variable |
Default |
Description |
|---|---|---|
|
|
Protocol used when a PV name has no |
|
|
Standard EPICS_CA_ADDR_LIST env variable. See EPICS docs for reference. |
|
|
Standard EPICS_CA_AUTO_ADDR_LIST env variable. See EPICS docs for reference. |
|
|
Standard EPICS_CA_MAX_ARRAY_BYTES env variable. See EPICS docs for reference. |
|
|
Standard EPICS_PVA_ADDR_LIST env variable. See EPICS docs for reference. |
|
|
Standard EPICS_PVA_AUTO_ADDR_LIST env variable. See EPICS docs for reference. |
Note
To receive PV traffic from IOCs outside of localhost, add the IOC host or subnet broadcast address
to the relevant address list. One may also choose to use a PVA or CA gateway as needed. More details
in EPICS docs
HTTPS settings¶
Consumed by both weiss (nginx) and weiss-api (FastAPI CORS and cookie flags).
Variable |
Default |
Description |
|---|---|---|
|
|
Set to true to enable HTTPS and mark session cookies as |
|
|
Path on the host to the full-chain TLS certificate (PEM). Mounted read-only into the container. |
|
|
Path on the host to the TLS private key (PEM). Mounted read-only into the container. |
|
|
Hostname under which the app is served. Used by nginx |
|
(unset) |
Hostname under which the documentation is served. When set, nginx adds a proxy block for it pointing to the docs container (port 8001). Requires running the docs service separately. Leave unset if you are not serving the docs. |
API settings¶
Consumed by the weiss-api service.
Microsoft Entra ID (SSO authentication)¶
Required when VITE_DEMO_MODE=false or when SSO login is desired alongside demo mode. See
Organization credentials for setup instructions.
Variable |
Default |
Description |
|---|---|---|
|
(none) |
Application (client) ID from the Azure app registration. |
|
|
Directory (tenant) ID. Use |
|
(none) |
Client secret value from the Azure app registration. |
Note
For now, only Microsoft Entra ID authentication method is supported, but the architecture allows for multiple providers to be added as needed. If you need a different authentication method, please open an issue or, better yet, contribute a provider implementation!
Technical account (git commits)¶
Required for commit and push operations from the staging editor. See Using Git for setup instructions.
Variable |
Default |
Description |
|---|---|---|
|
(none) |
Technical account token (PAT) with repository write permission. |
|
|
Technical account username. Used for commit history logs |
|
|
Technical account email. Used for commit history logs |
User roles¶
Controls the path of the roles.toml file that defines which users have the developer role. See
User roles for full setup instructions.
Variable |
Default |
Description |
|---|---|---|
|
|
Path on the host to the roles config file. Mounted read-only into the API container at startup. |