Configuring Izanami

Mandatory parameters

Secret

This parameter is mandatory for production purpose. This secret is used to encrypt various stuff such as token, cookies, or passwords.

Your application secret must have at least 256 bits.

You can either set the IZANAMI_SECRET env variable or use the app.secret parameter.

⚠️ If a custom secret is not set, a default will be used. This default is not secured since it's visible in Izanami public github repository.

Database

You can either provide a connection URI, or indicate database name, user, host, port and so on separately.

If a connection URI is provided, all other parameters will be ignored.

	Environnement variable	Program argument	Default
Uri	IZANAMI_PG_URI	app.pg.uri
Port	IZANAMI_PG_PORT	app.pg.port	5432
Host	IZANAMI_PG_HOST	app.pg.host	localhost
Database name	IZANAMI_PG_DATABASE	app.pg.database	postgres
Username	IZANAMI_PG_USER	app.pg.username	postgres
Password	IZANAMI_PG_PASSWORD	app.pg.password	postgres
Pool size	IZANAMI_PG_POOL_SIZE	app.pg.pool-size	20
Connect timeout(ms)	IZANAMI_PG_CONNECT_TIMEOUT	app.pg.connect-timeout	60000
Connection max lifetime	IZANAMI_PG_MAX_LIFETIME	app.pg.max-lifetime	0 (no maximum)
IDLE timeout(s)	IZANAMI_PG_IDLE_TIMEOUT	app.pg.idle-timeout	0 (no timeout)
Log activity	IZANAMI_PG_LOG_ACTIVITY	app.pg.log-activity	false
Pipelining limit	IZANAMI_PG_PIPELINING_LIMIT	app.pg.pipelining-limit	256

Database SSL

Izanami provides some configuration options to secure database connection with SSL

	Environnement variable	Program argument	Default
SSL	IZANAMI_PG_SSL_ENABLED	app.pg.ssl.enabled	false
Mode	IZANAMI_PG_SSL_MODE	app.pg.ssl.mode	REQUIRE
Trusted certtificates paths		trusted-certs-path	[]
Trusted certificate path	IZANAMI_PG_SSL_TRUSTED_CERT_PATH	trusted-cert-path
Trusted certificates		trusted-certs	[]
Trusted certificate	IZANAMI_PG_SSL_TRUSTED_CERT	trusted-cert
Client certificates paths		client-certs-path	[]
Client certificate path	IZANAMI_PG_SSL_CLIENT_CERT_PATH	client-cert-path
Client certificates		client-certs	[]
Client certificate	IZANAMI_PG_SSL_CLIENT_CERT	client-cert
Trust all certificates	IZANAMI_PG_SSL_TRUST_ALL	trust-all

Collection variables, such as trusted-certs-path can be valued throught command line with the following syntax:
java -jar izanami.jar -Dapp.pg.ssl.trusted-certs-path.0=first_path -Dapp.pg.ssl.trusted-certs-path.1=second_path

HTTP server

Since Izanami uses play framework under the hood, http server configuration rely heavily on play configuration keys.

Table above list essentials parameters, check Play documentation for more.

	Environnement variable	Program argument	Default
Port	PLAY_HTTP_PORT	play.server.http.port	9000

Admin account

When creating on an empty database, Izanami will create a user for you.

You'll have to use this user for your first login.

	Environnement variable	Program argument	Default
Username	IZANAMI_ADMIN_DEFAULT_USERNAME	app.admin.username	RESERVED_ADMIN_USER
Password	IZANAMI_ADMIN_DEFAULT_PASSWORD	app.admin.password	generated (and printed in stdout)

Exposition url

Izanami needs to know on which URL it is exposed, this use for generating invitation link or query builder links.

	Environnement variable	Program argument	Default
Exposition URL	IZANAMI_EXPOSITION_URL	app.exposition.url	http://localhost:${http.port}

Optional parameters

OpenId

Izanami allows to set up an external openid provider.

	Environnement variable	Program argument	Default
Client ID	IZANAMI_OPENID_CLIENT_ID	app.openid.client-id
Client secret	IZANAMI_OPENID_CLIENT_SECRET	app.openid.client-secret
Authorize URL	IZANAMI_OPENID_AUTHORIZE_URL	app.openid.authorize-url
Token URL	IZANAMI_OPENID_TOKEN_URL	app.openid.token-url
Redirect URL	IZANAMI_OPENID_REDIRECT_URL	app.openid.redirect-url	${app.exposition.url}/login
Scopes	IZANAMI_OPENID_SCOPES	app.openid.scopes	openid email profile
Email field	IZANAMI_OPENID_EMAIL_FIELD	app.openid.email-field	email
Username field	IZANAMI_OPENID_USERNAME_FIELD	app.openid.username-field	name

• Scopes indicates which scopes should be requested when calling authorization url.
• Email field indicates which field of id token should be used as user email
• Username field indicates which field of id token should be used as username

Wasmo

If you chose to set up a WASMO instance alongside Izanami, you'll need to provide additional properties.

	Environnement variable	Program argument	Default
Wasmo url	IZANAMI_WASMO_URL	app.wasmo.url
Wasmo client id	IZANAMI_WASMO_CLIENT_ID	app.wasmo.client-id
Wasmo client secret	IZANAMI_WASMO_CLIENT_SECRET	app.wasmo.client-secret
Wasm cache TTL (ms)	IZANAMI_WASM_CACHE_TTL	app.wasm.cache.ttl	60000

Various time to live

	Environnement variable	Program argument	Default
Invitation time to live (s)	IZANAMI_INVITATIONS_TTL	app.invitations.ttl	86400 (24h)
Session time to live (s)	IZANAMI_SESSIONS_TTL	app.sessions.ttl	3700
Password reset request time to live (s)	IZANAMI_PASSWORD_RESET_REQUEST_TTL	app.password-reset-requests.ttl	900 (15min)

Cors

Izanami uses Play CORS filter to handle CORS.

Therefore, CORS is configurable using play.filters.cors configuration keys.

Alternatively, Izanami re-exposes these configuration keys with below env variables :

Play configuration key	Environnement variable
play.filters.cors.pathPrefixes	IZANAMI_CORS_PATH_PREFIXES
play.filters.cors.allowedOrigins	IZANAMI_CORS_ALLOWED_ORIGINS
play.filters.cors.allowedHttpMethods	IZANAMI_CORS_ALLOWED_HTTP_METHODS
play.filters.cors.allowedHttpHeaders	IZANAMI_CORS_ALLOWED_HTTP_HEADERS
play.filters.cors.exposedHeaders	IZANAMI_CORS_EXPOSED_HEADERS
play.filters.cors.supportsCredentials	IZANAMI_CORS_SUPPORTS_CREDENTIALS
play.filters.cors.preflightMaxAge	IZANAMI_CORS_PREFLIGHT_MAX_AGE
play.filters.cors.serveForbiddenOrigins	IZANAMI_CORS_SERVE_FORBIDDEN_ORIGINS

Webhooks

Webhooks use exponential backoff algorithm to space out retries in case of failures. If retry exceed max allowed retry count, it stops trying and webhook won't be called.

Duration is computed as :

retryDelay = Math.min(initialDelay * Math.pow(multiplier, currentCount), maxDelay)

With configurable values

	Play configuration key	Environnement variable
max retry count	app.webhooks.retry.count	IZANAMI_WEBHOOK_RETRY_COUNT
initial delay (in seconds)	app.webhooks.retry.intial-delay	IZANAMI_WEBHOOK_RETRY_INITIAL_DELAY
max delay (in seconds)	app.webhooks.retry.max-delay	IZANAMI_WEBHOOK_RETRY_MAX_DELAY
multiplier	app.webhooks.retry.multiplier	IZANAMI_WEBHOOK_RETRY_MULTIPLIER

SearchBar Parameter: similarity_threshold

The similartiy_threshold parameter in Izanami is a key setting that influences the behavior of similarity-based search queries.

Purpose

This parameter determines how closely two strings need to match for the similarity function to recognize them as "similar".

Range

The similarity_threshold is a floating-point value ranging from 0.0 to 1.0:

• 0.0: All strings are considered similar, allowing for maximum inclusivity in search results.
• 1.0: Requires an exact match, providing the highest precision.

Usage

By adjusting the threshold, you can control the sensitivity of your similarity searches:

• Lower values (0.2-0.4): Broader matching criteria, capturing more results that might be loosely related.
• Higher values (0.8-1.0): Stricter matching criteria, focusing on results that closely resemble the query.

	Environnement variable	Program argument	Default
Similartiy_threshold parameter	IZANAMI_SIMILARITY_THRESHOLD_PARAMETER	app.search.similarity_threshold	0.2

Audit

Izanami offers an audit log for some actions, such as feature creation/update/delete. To provide this, it stores events about passed use actions. As time passes, event storage can grow very big.

Retention duration for this event can be parameterized using below variable.

⚠️ You won't be able to access audit log older than retention duration.

	Play configuration key	Environnement variable	Default
event retention duration (in hours)	app.audit.events-hours-ttl	IZANAMI_AUDIT_EVENTS_HOURS_TTL	4344 (~6 months)