Skip to main content

All Connector configuration variables

info

As of SaaS v2, Connector configuration uses new canonical property names documented below. The legacy moderne.agent.* property names (and their MODERNE_AGENT_* environment variable equivalents) are still accepted and automatically mapped to their canonical equivalents at startup. New deployments should use the canonical names shown here.

This document includes all of the variables you can configure the Moderne Connector to run with. Your configuration will only use some of these.

Core variables

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_CONNECTOR_APIGATEWAYRSOCKETURItrueThe URI used to connect to the Moderne API, provided by Moderne.
MODERNE_CONNECTOR_CRYPTO_SYMMETRICKEYtrueA 256-bit AES encryption key, hex encoded. Used to encrypt your artifacts.
MODERNE_CONNECTOR_NICKNAMEtrueA name used to identify your Connector in the SaaS Connector dashboard UI.
MODERNE_CONNECTOR_TOKENtrueThe Moderne SaaS Connector connection token, provided by Moderne.
MODERNE_SCM_DEFAULTCOMMITOPTIONS_{index}falseAll options available.Use to restrict which commit options are available in Moderne. Acceptable values: Direct, Branch, Fork, PullRequest, ForkAndPullRequest.
MODERNE_AUTHORIZATION_ACCESSTOKENS_MAXEXPIRYDAYSfalseThe maximum number of days a personal access token can be configured to expire in. When set, users cannot create tokens with an expiry date beyond this limit.

Example:

docker run \
-e MODERNE_CONNECTOR_APIGATEWAYRSOCKETURI=https://api.tenant.moderne.io/connector \
-e MODERNE_CONNECTOR_CRYPTO_SYMMETRICKEY=yourSymmetricKey \
-e MODERNE_CONNECTOR_NICKNAME=prod-1 \
-e MODERNE_CONNECTOR_TOKEN=yourToken \
-e MODERNE_SCM_DEFAULTCOMMITOPTIONS_0=PullRequest \
-e MODERNE_SCM_DEFAULTCOMMITOPTIONS_1=ForkAndPullRequest \
# ... Additional variables

Azure variables

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_SCM_AZUREDEVOPS_{index}_OAUTH_CLIENTIDtrueThe client ID of the registered OAuth app.
MODERNE_SCM_AZUREDEVOPS_{index}_OAUTH_CLIENTSECRETtrueThe client secret of the registered OAuth app.
MODERNE_SCM_AZUREDEVOPS_{index}_OAUTH_TENANTIDtrueThe Azure tenant ID of the registered OAuth app.

Example:

docker run \
# ... Existing variables
-e MODERNE_SCM_AZUREDEVOPS_0_OAUTH_CLIENTID=4affd674-286d-423f-b643-7ffe4dec0f53 \
-e MODERNE_SCM_AZUREDEVOPS_0_OAUTH_CLIENTSECRET=yourClientSecret \
-e MODERNE_SCM_AZUREDEVOPS_0_OAUTH_TENANTID=488bc312-9fdc-43d2-a647-7a7b28066cc4 \
# ... Additional variables

Bitbucket Cloud variables

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_SCM_BITBUCKETCLOUD_OAUTH_KEYtrueThe key specified in your Bitbucket OAuth consumer.
MODERNE_SCM_BITBUCKETCLOUD_OAUTH_SECRETtrueThe secret specified in your Bitbucket OAuth consumer.

Example:

docker run \
# ... Existing variables
-e MODERNE_SCM_BITBUCKETCLOUD_OAUTH_KEY=yourOAuthKey \
-e MODERNE_SCM_BITBUCKETCLOUD_OAUTH_SECRET=yourSecretKey \
# ... Additional variables

Bitbucket Data Center variables

info

You can configure multiple Bitbucket instances by including multiple entries, each with a different {index}.

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_SCM_BITBUCKETDATACENTER_{index}_URItrueThe fully-qualified URI of the running Bitbucket instance. For example: https://bitbucket.myorg.com.
MODERNE_SCM_BITBUCKETDATACENTER_{index}_PRIVATEKEYconditional(OAuth1.0a only) The private key you configured for this Bitbucket instance.
MODERNE_SCM_BITBUCKETDATACENTER_{index}_OAUTH_KEYconditional(OAuth2 only) The client id for the Application Link that you configured for this Bitbucket instance.
MODERNE_SCM_BITBUCKETDATACENTER_{index}_OAUTH_SECRETconditional(OAuth2 only) The client secret for the Application Link that you configured for this Bitbucket instance.
MODERNE_SCM_BITBUCKETDATACENTER_{index}_SKIPSSLfalsefalseSpecifies whether or not to skip SSL validation for HTTP connections to this Bitbucket instance. This must be set to true if you use a self-signed SSL/TLS certificate.

Example:

docker run \
# ... Existing variables
-e MODERNE_SCM_BITBUCKETDATACENTER_0_OAUTH_KEY=yourClientId \
-e MODERNE_SCM_BITBUCKETDATACENTER_0_OAUTH_SECRET=yourClientSecret \
-e MODERNE_SCM_BITBUCKETDATACENTER_0_URI=https://bitbucket.myorg.com \
# ... Additional variables

GitHub variables

info

You can configure multiple GitHub OAuth apps by including multiple entries, each with a different {index}.

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_SCM_GITHUB_{index}_OAUTH_CLIENTIDtrueThe client id configured in GitHub.
MODERNE_SCM_GITHUB_{index}_OAUTH_CLIENTSECRETtrueThe client secret configured in GitHub.
MODERNE_SCM_GITHUB_{index}_URItrueThe fully-qualified hostname of the running GitHub instance.
MODERNE_SCM_GITHUB_{index}_SKIPSSLfalsefalseSpecifies whether or not to skip SSL validation for HTTP connections to this GitHub instance. This must be set to true if you use a self-signed SSL/TLS certificate.
MODERNE_SCM_GITHUB_{index}_ALLOWABLE_ORGANIZATIONS_{index}falseSee descriptionSpecifies what organizations you can fork recipe results to. By default, there are no restrictions on which organizations can be committed to. If you want multiple organizations, increase the last index and add one per line.
MODERNE_SCM_GITHUB_{index}_OAUTH_INCLUDEPRIVATEREPOSfalseSee descriptionBy default, the OAuth app will only have access to public repositories within your organization(s). To provide the OAuth app access to private repositories, you can set this to true.

Example:

docker run \
# ... Existing variables
-e MODERNE_SCM_GITHUB_0_OAUTH_CLIENTID=yourClientId \
-e MODERNE_SCM_GITHUB_0_OAUTH_CLIENTSECRET=yourClientSecret \
-e MODERNE_SCM_GITHUB_0_URI=https://myorg.github.com \
-e MODERNE_SCM_GITHUB_0_ALLOWABLE_ORGANIZATIONS_0=moderne \
-e MODERNE_SCM_GITHUB_0_ALLOWABLE_ORGANIZATIONS_1=openrewrite \
-e MODERNE_SCM_GITHUB_0_OAUTH_INCLUDEPRIVATEREPOS=true \
# ... Additional variables

GitLab variables

You can configure multiple GitLab OAuth apps by including multiple entries, each with a different {index}.

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_SCM_GITLAB_{index}_OAUTH_CLIENTIDtrueThe application id configured in GitLab.
MODERNE_SCM_GITLAB_{index}_OAUTH_CLIENTSECRETtrueThe secret configured in GitLab.
MODERNE_SCM_GITLAB_{index}_URItrueThe fully-qualified hostname of your GitLab instance.
MODERNE_SCM_GITLAB_{index}_SKIPSSLfalsefalseSpecifies whether or not to skip SSL validation for HTTP connections to this GitLab instance. This must be set to true if you use a self-signed SSL/TLS certificate.

Example:

docker run \
# ... Existing variables
-e MODERNE_SCM_GITLAB_0_OAUTH_CLIENTID=yourClientId \
-e MODERNE_SCM_GITLAB_0_OAUTH_CLIENTSECRET=yourClientSecret \
-e MODERNE_SCM_GITLAB_0_URI=https://your-gitlab.com \
# ... Additional variables

Organization hierarchy variables

Environment variables:

Environment VariableRequiredDefaultDescription
MODERNE_ORGANIZATION_SOURCES_FILE_{index}_PATHfalseThe path to a local repos.csv file, relative to the Connector's permanent directory (MODERNE_CONNECTOR_STORAGE_PERMANENTDIR).
MODERNE_ORGANIZATION_SOURCES_HTTP_{index}_URIfalseThe URL of an HTTP(S) endpoint serving your repos.csv file (e.g., https://<internal-endpoint>/repos.csv).
MODERNE_ORGANIZATION_SOURCES_HTTP_{index}_USERNAMEfalseUsername for basic auth against the HTTP endpoint. Mutually exclusive with BEARERTOKEN.
MODERNE_ORGANIZATION_SOURCES_HTTP_{index}_PASSWORDfalsePassword for basic auth against the HTTP endpoint. Mutually exclusive with BEARERTOKEN.
MODERNE_ORGANIZATION_SOURCES_HTTP_{index}_BEARERTOKENfalseBearer token for the HTTP endpoint. Mutually exclusive with USERNAME/PASSWORD.
MODERNE_ORGANIZATION_SOURCES_HTTP_{index}_PROXY_HOSTfalseThe hostname of a proxy server to use for connections to the HTTP endpoint. If specified, PROXY_PORT must also be set.
MODERNE_ORGANIZATION_SOURCES_HTTP_{index}_PROXY_PORTfalseThe port of the proxy server to use for connections to the HTTP endpoint. If specified, PROXY_HOST must also be set.
MODERNE_ORGANIZATION_SOURCES_S3_{index}_URIfalseThe S3 URI of a CSV object (e.g., s3://my-bucket/repos-lock.csv). For the full set of S3 auth/region/endpoint variables, please see S3 organization source.

Example using a local file:

docker run \
# ... Existing variables
-e MODERNE_ORGANIZATION_SOURCES_FILE_0_PATH=repos.csv \
# ... Additional variables

Example using an HTTP URL:

docker run \
# ... Existing variables
-e MODERNE_ORGANIZATION_SOURCES_HTTP_0_URI=https://internal.example.com/repos.csv \
# ... Additional variables

Organization sync variables

These variables control how often the Connector re-fetches each repos.csv source and the global concurrency for LST download, encryption, and upload operations. Both are optional.

Environment variables:

Environment VariableRequiredDefaultDescription
MODERNE_CONNECTOR_ORGANIZATION_MODEfalseAUTOIndexing mode. AUTO infers POLLING when any poll repository is configured and LOCK otherwise. LOCK forces use of publishUri values from the CSV (poll repositories, if any, supply credentials only). POLLING forces AQL / Maven Indexer discovery against poll repositories.
MODERNE_CONNECTOR_ORGANIZATION_INTERVALfalse10mHow often the Connector re-fetches each source repos.csv and re-runs enrichment. Applies to both LOCK and POLLING modes. Specified as a duration (e.g., 10m, 1h).
MODERNE_CONNECTOR_ORGANIZATION_DOWNLOADPARALLELISMfalsemax(4, availableProcessors())Global cap on concurrent LST download, encrypt, and upload operations across all configured sources.

Example:

docker run \
# ... Existing variables
-e MODERNE_CONNECTOR_ORGANIZATION_INTERVAL=5m \
-e MODERNE_CONNECTOR_ORGANIZATION_DOWNLOADPARALLELISM=8 \
# ... Additional variables

Maven repository variables

You can configure multiple Maven repositories by including multiple entries, each with a different {index}.

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_{index}_URItrueThe URI of your Maven repository.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_{index}_LOCALREPOSITORYfalse~/.moderne-mavenThe path on disk where LST artifacts and Maven index files will be downloaded to. This is on the disk where the Connector is being run and not on the Maven instance.

LST artifacts are deleted from this location after they are transmitted to Moderne. Index files will remain behind to be used to detect diffs in the artifacts.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_{index}_USERNAMEfalsenullThe username used to resolve artifacts.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_{index}_PASSWORDfalsenullThe password used to resolve artifacts.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_{index}_RELEASESfalsetrueSpecifies whether or not this repository should be searched for releases.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_{index}_SNAPSHOTSfalsetrueSpecifies whether or not this repository should be searched for snapshots.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_{index}_SKIPSSLfalsefalseWhether or not to skip SSL/TLS verification for calls from the Connector to this Maven repository. This must be set to true if you use a self-signed SSL/TLS certificate.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_{index}_SKIPVALIDATECONNECTIVITYfalsefalseBy default, on Connector startup, we will validate that we can connect to this Maven repository, and fail to start up the Connector if we cannot. Set this to true to skip this validation.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_{index}_PROXY_HOSTfalseThe hostname of a proxy server to use for connections to this Maven repository.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_{index}_PROXY_PORTfalseThe port of the proxy server to use for connections to this Maven repository.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_{index}_CONNECTTIMEOUTfalse30sTimeout for the connection to be established (and the first data received). Specified as a duration (e.g., 30s, 1m).
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_{index}_READTIMEOUTfalse60sTimeout for reading the response body from the Maven repository. Specified as a duration (e.g., 60s, 5m).

Example:

docker run \
# ... Existing variables
-e MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_0_URI=https://myartifactory.example.com/artifactory/libs-releases-local \
-e MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_0_USERNAME=admin \
-e MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_MAVEN_0_PASSWORD=password \
# ... Additional variables

Artifactory repository variables

You can configure multiple Artifactory servers by including multiple entries, each with a different {index}. Within a given Artifactory server configuration, you can configure multiple LST query filters by including multiple entries, each with a different {index}.

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_{index}_URItrueThe URL of your Artifactory instance.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_{index}_USERNAMEfalseThe username used to connect to your Artifactory instance. This user must have permission to run AQL queries.

Note: Only one of basic auth (username+password) or bearer token can be used.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_{index}_PASSWORDfalseThe password used to connect to your Artifactory instance.

Note: Only one of basic auth (username+password) or bearer token can be used.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_{index}_BEARERTOKENfalseThe bearer token (access token) used to connect to your Artifactory instance.

Note: Only one of basic auth (username+password) or bearer token can be used. If bearerToken is specified, username and password must not be provided.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_{index}_LSTQUERYFILTERS_{index}trueThe AQL query fragment used to select LST artifacts to send to Moderne. If multiple are specified, they are combined together with an AND.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_{index}_SKIPSSLfalsefalseSpecifies whether or not to skip SSL verification for HTTP connections from the Connector to this Artifactory instance. This must be set to true if you use a self-signed SSL/TLS certificate.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_{index}_SKIPVALIDATECONNECTIVITYfalsefalseBy default, on Connector startup, we will validate that we can connect to this Artifactory instance, and fail to start up the Connector if we cannot. Set this to true to skip this validation.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_{index}_PROXY_HOSTfalseThe hostname of a proxy server to use for connections to this Artifactory instance.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_{index}_PROXY_PORTfalseThe port of the proxy server to use for connections to this Artifactory instance.
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_{index}_CONNECTTIMEOUTfalse30sTimeout for the connection to be established (and the first data received). Specified as a duration (e.g., 30s, 1m).
MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_{index}_READTIMEOUTfalse60sTimeout for reading the response body from the Artifactory instance. Specified as a duration (e.g., 60s, 5m).

Example:

docker run \
# ... Existing variables
-e MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_0_URI=https://myartifactory.example.com/artifactory/ \
-e MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_0_USERNAME=admin \
-e MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_0_PASSWORD=password \
-e MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_0_LSTQUERYFILTERS_0='"name":{"$match":"*-ast.jar"}' \
-e MODERNE_ORGANIZATION_SOURCES_HTTP_0_POLL_ARTIFACTORY_0_LSTQUERYFILTERS_1='"repo":{"$eq":"example-maven"}' \
# ... Additional variables

Recipe marketplace Maven variables

Recipe marketplace repositories are configured under the moderne.recipe.marketplace.repositories namespace. You can configure multiple Maven repositories by including multiple entries, each with a different {index}.

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_MAVEN_{index}_URItrueThe URL of your Maven repository.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_MAVEN_{index}_USERNAMEfalsenullThe username used to resolve artifacts.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_MAVEN_{index}_PASSWORDfalsenullThe password used to resolve artifacts.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_MAVEN_{index}_PROXY_HOSTfalsenullThe host of an HTTP proxy used to reach this repository.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_MAVEN_{index}_PROXY_PORTfalsenullThe port of an HTTP proxy used to reach this repository.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_MAVEN_{index}_SKIPSSLfalsefalseWhether or not to skip SSL/TLS verification for calls from the Connector to this Maven repository. This must be set to true if you use a self-signed SSL/TLS certificate.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_MAVEN_{index}_RELEASESfalsetrueSpecifies whether or not this repository should be searched for releases.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_MAVEN_{index}_SNAPSHOTSfalsetrueSpecifies whether or not this repository should be searched for snapshots.

Example:

docker run \
# ... Existing variables
-e MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_MAVEN_0_URI=https://myartifactory.example.com/artifactory/libs-releases-local \
-e MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_MAVEN_0_USERNAME=admin \
-e MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_MAVEN_0_PASSWORD=password \
# ... Additional variables

Recipe marketplace NPM variables

NPM repositories support either basic authentication (username + password) or bearer token authentication (bearerToken), but not both at the same time. You can configure multiple NPM registries by including multiple entries, each with a different {index}.

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NPM_{index}_URItrueThe URL of your NPM registry.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NPM_{index}_USERNAMEfalsenullThe username used to resolve artifacts. Mutually exclusive with BEARERTOKEN.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NPM_{index}_PASSWORDfalsenullThe password used to resolve artifacts. Mutually exclusive with BEARERTOKEN.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NPM_{index}_BEARERTOKENfalsenullA bearer token used to resolve artifacts. Mutually exclusive with USERNAME/PASSWORD.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NPM_{index}_PROXY_HOSTfalsenullThe host of an HTTP proxy used to reach this registry.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NPM_{index}_PROXY_PORTfalsenullThe port of an HTTP proxy used to reach this registry.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NPM_{index}_SKIPSSLfalsefalseWhether or not to skip SSL/TLS verification for calls from the Connector to this NPM registry. This must be set to true if you use a self-signed SSL/TLS certificate.

Example:

docker run \
# ... Existing variables
-e MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NPM_0_URI=https://myartifactory.example.com/artifactory/api/npm/npm-local \
-e MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NPM_0_BEARERTOKEN=... \
# ... Additional variables

Recipe marketplace NuGet variables

NuGet repositories support either basic authentication (username + password) or bearer token authentication (bearerToken), but not both at the same time. You can configure multiple NuGet feeds by including multiple entries, each with a different {index}.

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NUGET_{index}_URItrueThe URL of your NuGet feed.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NUGET_{index}_USERNAMEfalsenullThe username used to resolve artifacts. Mutually exclusive with BEARERTOKEN.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NUGET_{index}_PASSWORDfalsenullThe password used to resolve artifacts. Mutually exclusive with BEARERTOKEN.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NUGET_{index}_BEARERTOKENfalsenullA bearer token used to resolve artifacts. Mutually exclusive with USERNAME/PASSWORD.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NUGET_{index}_PROXY_HOSTfalsenullThe host of an HTTP proxy used to reach this feed.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NUGET_{index}_PROXY_PORTfalsenullThe port of an HTTP proxy used to reach this feed.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NUGET_{index}_SKIPSSLfalsefalseWhether or not to skip SSL/TLS verification for calls from the Connector to this NuGet feed. This must be set to true if you use a self-signed SSL/TLS certificate.

Example:

docker run \
# ... Existing variables
-e MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NUGET_0_URI=https://myartifactory.example.com/artifactory/api/nuget/nuget-local \
-e MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_NUGET_0_BEARERTOKEN=... \
# ... Additional variables

Recipe marketplace PyPI variables

You can configure multiple PyPI indexes by including multiple entries, each with a different {index}.

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_PYPI_{index}_URItrueThe URL of your PyPI index.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_PYPI_{index}_USERNAMEfalsenullThe username used to resolve artifacts.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_PYPI_{index}_PASSWORDfalsenullThe password used to resolve artifacts.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_PYPI_{index}_PROXY_HOSTfalsenullThe host of an HTTP proxy used to reach this index.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_PYPI_{index}_PROXY_PORTfalsenullThe port of an HTTP proxy used to reach this index.
MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_PYPI_{index}_SKIPSSLfalsefalseWhether or not to skip SSL/TLS verification for calls from the Connector to this PyPI index. This must be set to true if you use a self-signed SSL/TLS certificate.

Example:

docker run \
# ... Existing variables
-e MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_PYPI_0_URI=https://myartifactory.example.com/artifactory/api/pypi/pypi-local/simple \
-e MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_PYPI_0_USERNAME=admin \
-e MODERNE_RECIPE_MARKETPLACE_REPOSITORIES_PYPI_0_PASSWORD=password \
# ... Additional variables

S3 bucket variables

You can configure multiple S3 buckets by including multiple entries, each with a different {index}.

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_ORGANIZATION_SOURCES_S3_{index}_URItrueThe S3 bucket URI. Must start with s3:// (e.g., s3://my-bucket-name).
MODERNE_ORGANIZATION_SOURCES_S3_{index}_ENDPOINTURLfalseCustom endpoint URL for S3-compatible services (e.g., http://localhost:9000 for MinIO). Leave empty for standard AWS S3.
MODERNE_ORGANIZATION_SOURCES_S3_{index}_REGIONfalseThe AWS region where the bucket is located (e.g., us-east-1).
MODERNE_ORGANIZATION_SOURCES_S3_{index}_ACCESSKEYfalse (Required if not using profile or IAM role)The AWS access key ID for authentication.
MODERNE_ORGANIZATION_SOURCES_S3_{index}_SECRETKEYfalse (Required if using access key)The AWS secret key for authentication.
MODERNE_ORGANIZATION_SOURCES_S3_{index}_PROFILEfalse (Alternative to access key/secret key)The AWS profile name from your credentials file.
MODERNE_ORGANIZATION_SOURCES_S3_{index}_SKIPSSLtrue (If using self-signed cert or non-HTTPS endpoint)falseSpecifies whether to skip SSL verification for connections to the S3 endpoint.

Example:

docker run \
# ... Existing variables
-e MODERNE_ORGANIZATION_SOURCES_S3_0_URI=s3://my-lst-bucket \
-e MODERNE_ORGANIZATION_SOURCES_S3_0_REGION=us-east-1 \
-e MODERNE_ORGANIZATION_SOURCES_S3_0_ACCESSKEY=AKIAIOSFODNN7EXAMPLE \
-e MODERNE_ORGANIZATION_SOURCES_S3_0_SECRETKEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY \
# ... Additional variables

Recipe POM cache variables

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_CONNECTOR_RECIPE_POMCACHE_TYPEfalseUsed to specify what type of cache the POM should use. Acceptable values: IN_MEMORY or REDIS.
MODERNE_CONNECTOR_RECIPE_POMCACHE_ENTRYTTLMINUTESfalse60How long entries should live in the POM cache.
MODERNE_CONNECTOR_RECIPE_POMCACHE_REDIS_HOSTtrue (If the POM cache type is REDIS)The URL of the Redis instance.
MODERNE_CONNECTOR_RECIPE_POMCACHE_REDIS_PORTtrue (If the POM cache type is REDIS)6379The port number of the Redis instance.
MODERNE_CONNECTOR_RECIPE_POMCACHE_REDIS_USERNAMEfalseThe username needed to authenticate to the Redis instance.
MODERNE_CONNECTOR_RECIPE_POMCACHE_REDIS_PASSWORDfalseThe password needed to authenticate with the Redis instance.
MODERNE_CONNECTOR_RECIPE_POMCACHE_REDIS_SSLfalsefalseIf set to true, then SSL will be enabled for the connection to the Redis instance.
MODERNE_CONNECTOR_RECIPE_POMCACHE_REDIS_DATABASEfalse0The Redis DB index.

Example:

docker run \
# ... Existing variables
-e MODERNE_CONNECTOR_RECIPE_POMCACHE_TYPE=REDIS \
-e MODERNE_CONNECTOR_RECIPE_POMCACHE_REDIS_HOST=localhost \
# ... Additional variables

HTTP proxy variables

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_CONNECTOR_APIGATEWAY_PROXY_HOSTfalseHost (without scheme) for the proxy server.
MODERNE_CONNECTOR_APIGATEWAY_PROXY_PORTfalsePort for the proxy server.
info

If you include either a host or port, you must include both.

Example:

docker run \
# ... Existing variables
-e MODERNE_CONNECTOR_APIGATEWAY_PROXY_HOST=proxy.mycompany.com \
-e MODERNE_CONNECTOR_APIGATEWAY_PROXY_PORT=8179 \
# ... Additional variables

UI customization variables

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_UI_MOREHELP_0_LABELfalsenullCustom label for first link under the 'Need more help?' menu. If populated, the URI property must also be populated. Maximum of 3 help items supported.
MODERNE_UI_MOREHELP_0_URIfalsenullThe URI for the first custom help resource. Must be a fully qualified URI that is accessible to users of the platform.
MODERNE_UI_MOREHELP_1_LABELfalsenullCustom label for second link under the 'Need more help?' menu. If populated, the URI property must also be populated.
MODERNE_UI_MOREHELP_1_URIfalsenullThe URI for the second custom help resource. Must be a fully qualified URI that is accessible to users of the platform.
MODERNE_UI_MOREHELP_2_LABELfalsenullCustom label for third link under the 'Need more help?' menu. If populated, the URI property must also be populated.
MODERNE_UI_MOREHELP_2_URIfalsenullThe URI for the third custom help resource. Must be a fully qualified URI that is accessible to users of the platform.
MODERNE_UI_CLIDOWNLOADINSTRUCTIONS_LABELfalsenullCLI download instructions label to show in the platform UI. Overrides the default display of the CLI tools menu presented in the Moderne platform's user interface. If populated, the URI property must also be populated.
MODERNE_UI_CLIDOWNLOADINSTRUCTIONS_URIfalsenullThe URI of the instructions documentation. Must be a fully qualified URI that is accessible to users of the platform.

Example:

docker run \
# ... Existing variables
-e MODERNE_UI_MOREHELP_0_LABEL="Getting started" \
-e MODERNE_UI_MOREHELP_0_URI="https://docs.moderne.io/user-documentation/moderne-platform/getting-started" \
-e MODERNE_UI_MOREHELP_1_LABEL="How to guides" \
-e MODERNE_UI_MOREHELP_1_URI="https://docs.moderne.io/user-documentation/moderne-platform/how-to-guides" \
-e MODERNE_UI_CLIDOWNLOADINSTRUCTIONS_LABEL="Download CLI Tools" \
-e MODERNE_UI_CLIDOWNLOADINSTRUCTIONS_URI="https://docs.example.com/moderne-cli-setup" \
# ... Additional variables

Generic HTTP tool variables

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_CONNECTOR_HTTPTOOL_{index}_URItrueFully qualified URI to your HTTP tool.
MODERNE_CONNECTOR_HTTPTOOL_{index}_USERNAMEfalseUsername used to authenticate to HTTP tool.

Note: Only one of basic auth (username+password) and bearer token can be used. If username and password are specified, bearerToken must not be provided.
MODERNE_CONNECTOR_HTTPTOOL_{index}_PASSWORDfalsePassword used to authenticate to HTTP tool.

Note: Only one of basic auth (username+password) and bearer token can be used. If username and password are specified, bearerToken must not be provided.
MODERNE_CONNECTOR_HTTPTOOL_{index}_BEARERTOKENfalseBearer token used to authenticate to HTTP tool.

Note: Only one of basic auth (username+password) and bearer token can be used. If bearerToken is specified, username and password must not be provided.
MODERNE_CONNECTOR_HTTPTOOL_{index}_SKIPSSLfalsefalseSpecifies whether or not to skip SSL validation for HTTP connections to this HTTP tool. This must be set to true if you use a self-signed SSL/TLS certificate.
MODERNE_CONNECTOR_HTTPTOOL_{index}_SKIPVALIDATECONNECTIVITYfalsefalseBy default, on Connector startup, we will validate that we can connect to this HTTP tool, and fail to start up the Connector if we cannot. Set this to true to skip this validation.
MODERNE_CONNECTOR_HTTPTOOL_{index}_PROXY_HOSTfalseThe hostname of a proxy server to use for connections to this HTTP tool.
MODERNE_CONNECTOR_HTTPTOOL_{index}_PROXY_PORTfalseThe port of the proxy server to use for connections to this HTTP tool.
MODERNE_CONNECTOR_HTTPTOOL_{index}_CONNECTTIMEOUTfalse30sTimeout for the connection to be established (and the first data received). Specified as a duration (e.g., 30s, 1m).
MODERNE_CONNECTOR_HTTPTOOL_{index}_READTIMEOUTfalse60sTimeout for reading the response body from the HTTP tool. Specified as a duration (e.g., 60s, 5m).

Example:

docker run \
# ... Existing variables
-e MODERNE_CONNECTOR_HTTPTOOL_0_URI=https://launchdarkly.mycompany.com \
-e MODERNE_CONNECTOR_HTTPTOOL_0_USERNAME=myUser \
-e MODERNE_CONNECTOR_HTTPTOOL_0_PASSWORD=${SECRET_NAME} \
# ... Additional variables

Moddy LLM variables

Variables for enabling Moddy, Moderne's multi-repo AI agent. Variables are nested under the specific provider you are configuring. Replace {PROVIDER} with one of OPENAI, ANTHROPIC, GEMINI, or MISTRAL (for environment variables) or {provider} with one of openai, anthropic, gemini, or mistral (for JAR arguments).

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_MODDY_{PROVIDER}_APIKEYtrueThe API key for the specified LLM provider. Replace {PROVIDER} with OPENAI, ANTHROPIC, GEMINI, or MISTRAL.
MODERNE_MODDY_{PROVIDER}_MODELfalseOptional model name override for the LLM provider.
MODERNE_MODDY_{PROVIDER}_URIfalseOptional URI override for the LLM API endpoint. If not specified, the default endpoint for the provider is used. Useful for routing requests through a custom API gateway.
MODERNE_MODDY_{PROVIDER}_PROXY_HOSTfalseThe hostname of a proxy server used to reach the LLM API. If specified, PROXY_PORT must also be set.
MODERNE_MODDY_{PROVIDER}_PROXY_PORTfalseThe port of the proxy server used to reach the LLM API. If specified, PROXY_HOST must also be set.
MODERNE_MODDY_ADMINONLYfalsefalseIf true, only admins will see Moddy in the UI and be able to chat with Moddy.

Example:

docker run \
# ... Existing variables
-e MODERNE_MODDY_ANTHROPIC_APIKEY=${ANTHROPIC_API_KEY} \
# ... Additional variables