
Configuration

This document provides a detailed overview of the Mixeway Flow Configuration, which is divided into two main parts: instance configuration and application configuration. The instance configuration includes settings that require a platform restart to apply changes, such as proxy setup, login type, and TLS/SSL. The application configuration, in its current version, allows for the setup of SMTP for outgoing email communication.

Instance Configuration

Instance configuration covers settings that are integral to the core operation of the Mixeway platform. These settings cannot be changed at runtime: any change requires a restart of the platform to take effect. The key components of instance configuration are:

  1. Proxy Setup: Configuring a proxy server for network communications.
  2. Login Type: Determining the authentication method, either Single Sign-On (SSO) or traditional username/password.
  3. TLS/SSL: Setting up Transport Layer Security (TLS) or Secure Sockets Layer (SSL) for secure communications.

Proxy Setup

To configure the proxy, specify the proxy server details: the address, the port, and any necessary authentication credentials. This setup ensures that all network traffic is routed through the specified proxy server. Flow uses the proxy to reach the Git instance and to fetch CVE feeds.

To configure the proxy, pass the `PROXY_HOST` and `PROXY_PORT` variables to the backend, e.g. in a docker-compose installation:

  backend:
    image: mixeway/flow-api:latest
    container_name: flowapi_backend
    ports:
      - "8888:8888"
      - "8443:8443"
    environment:
      SSL: "TRUE"
      PROXY_HOST: "127.0.0.1"
      PROXY_PORT: 3128
    volumes:
      - pki_data:/etc/pki
      - dependency_track_data:/root/.dependency-track
    depends_on:
      - flowdb

Login Type

The login type configuration allows you to choose between SSO and user/password authentication methods. SSO provides a seamless login experience by integrating with existing identity providers, while the user/password method requires manual credential management.

By default, the username/password login type is enabled and the default credentials are admin:admin; after the first login you are forced to set a new password. To set up SSO with a provider that supports OAuth2 (e.g. Keycloak), provide the following additional settings in docker-compose:

  backend:
    image: mixeway/flow-api:latest
    container_name: flowapi_backend
    ports:
      - "8888:8888"
      - "8443:8443"
    environment:
      SSL: "TRUE"
      SSO: "TRUE"
      SSO_CLIENT_ID: your_client_id
      SSO_CLIENT_SECRET: your_client_secret
      SSO_REDIRECT_URI: http://your-redirect-uri
      SSO_AUTHORIZATION_URI: http://your-authorization-uri
      SSO_TOKEN_URI: http://your-token-uri
      SSO_USER_INFO_URI: http://your-user-info-uri
      SSO_JWK_SET_URI: http://your-jwk-set-uri
      FRONTEND_URL: http://your-frontend-url
    volumes:
      - pki_data:/etc/pki
      - dependency_track_data:/root/.dependency-track
    depends_on:
      - flowdb

To obtain the required links, the client_id and the secret, contact your SSO system administrator.

TLS/SSL

Configuring TLS/SSL is crucial for securing data transmission between the Mixeway platform and its users. This involves setting up certificates and keys to enable encrypted communications, thereby protecting sensitive information from potential threats.

By default, both the frontend and the backend are configured to run over HTTPS. If nothing else is configured, both generate self-signed TLS certificates.

If you would like to use your own certificates, remove the volumes:

  • flow_data
  • pki_data

Then create your own certificates and mount them. For example, assume the files private.key, public.crt and certificate.p12 (a PKCS12 bundle containing both key and certificate), plus a file pass containing the PKCS12 password, are located in /etc/pki on the host file system. The modified compose file would look like:

version: '3.8'

services:
  backend:
    image: mixeway/flow-api:latest
    container_name: flowapi_backend
    ports:
      - "8888:8888"
      - "8443:8443"
    environment:
      SSL: "TRUE"
      # Uncomment and set these when using SSO
      # SSO: "TRUE"
      # SSO_CLIENT_ID: your_client_id
      # SSO_CLIENT_SECRET: your_client_secret
      # SSO_REDIRECT_URI: http://your-redirect-uri
      # SSO_AUTHORIZATION_URI: http://your-authorization-uri
      # SSO_TOKEN_URI: http://your-token-uri
      # SSO_USER_INFO_URI: http://your-user-info-uri
      # SSO_JWK_SET_URI: http://your-jwk-set-uri
      # FRONTEND_URL: http://your-frontend-url
    volumes:
      - /etc/pki:/etc/pki
      - dependency_track_data:/root/.dependency-track
    depends_on:
      - flowdb

  flowdb:
    image: postgres:latest
    container_name: flowdb
    ports:
      - "5432:5432"
    environment:
      POSTGRES_DB: flow
      POSTGRES_USER: flow_user
      POSTGRES_PASSWORD: flow_pass
    volumes:
      - flowdb_data:/var/lib/postgresql/data
  flow:
    image: mixeway/flow:latest
    container_name: flow_frontend
    ports:
      - "443:443"
    volumes:
      - /etc/pki:/etc/nginx/ssl
    depends_on:
      - backend

volumes:
  flowdb_data:
  dependency_track_data:
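
A pre-flight check for the certificate files named above, run on the host before starting the stack. This is an added example, not part of the Mixeway documentation or code base; the function name `check_flow_pki`, the 30-day expiry window and the permission warning are assumptions, and it needs `openssl` and GNU `find`:

```shell
#!/usr/bin/env bash
# Added example: pre-flight check of user-supplied TLS files before they are
# mounted into the containers. File names follow the text above; the function
# name, the 30-day expiry window and the permission warning are assumptions.
check_flow_pki() {
  local dir="${1:-/etc/pki}" rc=0 f
  local key="$dir/private.key" crt="$dir/public.crt"
  local p12="$dir/certificate.p12" pass="$dir/pass"

  for f in "$key" "$crt" "$p12" "$pass"; do
    [ -r "$f" ] || { echo "FAIL: missing or unreadable $f"; rc=1; }
  done
  [ "$rc" -eq 0 ] || return 1

  # Public key derived from the private key vs. the one in the certificate.
  local pub_key pub_crt pub_p12
  pub_key=$(openssl pkey -in "$key" -passin pass: -pubout 2>/dev/null)
  pub_crt=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null)
  if [ -z "$pub_key" ] || [ "$pub_key" != "$pub_crt" ]; then
    echo "FAIL: private.key does not match public.crt"; rc=1
  fi

  # The PKCS12 bundle must open with the password stored in 'pass' and hold
  # the same certificate as public.crt.
  pub_p12=$(openssl pkcs12 -in "$p12" -passin "file:$pass" -nokeys -clcerts \
              2>/dev/null | openssl x509 -noout -pubkey 2>/dev/null)
  if [ -z "$pub_p12" ] || [ "$pub_p12" != "$pub_crt" ]; then
    echo "FAIL: certificate.p12 unreadable with 'pass' or holds another cert"; rc=1
  fi

  # Certificate must stay valid for at least 30 more days.
  openssl x509 -in "$crt" -noout -checkend $((30 * 86400)) >/dev/null 2>&1 ||
    { echo "FAIL: public.crt is expired or expires within 30 days"; rc=1; }

  # Secrets accessible to group/others are reported but do not fail the check.
  for f in "$key" "$p12" "$pass"; do
    [ -z "$(find "$f" -perm /077 2>/dev/null)" ] ||
      echo "WARN: $f is accessible to group or others"
  done
  return "$rc"
}

# Run against a directory when one is given, e.g.: ./check_pki.sh /etc/pki
[ "$#" -eq 0 ] || check_flow_pki "$1"
```

A non-zero exit status means at least one FAIL line was printed; WARN lines alone leave the status at zero.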