Environment Variables

We try to let most of the things defined through Environment Variables, as 12factor applications’s config. You will need to configure through your hosting provider (for example in Heroku), through a gem like figaro or through docker-compose env_file.

This is an extensive list of all the Env variables supported for an application created with the default decidim generator (ie: decidim my-application). Custom applications may modify or customize the default decidim initializer (config/initializers/decidim.rb) in such a a way that this will have no effect.

Finally, take into account that there are some config variables not available as Env vars, this is because it is not enough to set them in order to make that particular feature to work, it requires the user to add some custom code (usually a service class that acts a wrapper for an external API). These are the case for initializers such as sms_gateway_service, timestamp_service, pdf_signature_service or machine_translation_service. For more information about these extra services check the Initializer documentation.

The next tables show all the default Env Vars available when running a default Decidim application (note that customized Decidim apps might differ). The ones marked in bold are the minimal required to run a production server. The ones marked as italic are only required for development.

Table 1. Required Decidim Env Vars
Name Value Default value Multitenant’s System configurable

DATABASE_HOST

Hostname for the Postgres database.

localhost

No

DATABASE_PASSWORD

Password for the Postgres database

No

DATABASE_PORT

Port for the Postgres database.

5432

No

DATABASE_USERNAME

Username for the Postgres database. Note that database name is autogenerated in development mode thus there is no config var here.

No

DATABASE_URL

For production environments database needs to be defined as a string following the scheme: postgres://USERNAME:PASSWORD@HOST/DATABASE_NAME`

No

RAILS_ENV

Environment for Ruby on Rails. If it is on your local machine for development, then it should be development. If it is on server it should be production. Please take care that this has security implications. You DO NOT want to be running a production application on development mode.

development

No

SECRET_KEY_BASE

Secret key base for the Application. It is specially important that this is kept secret from the outside word; do NOT publish it on GitHub/GitLab/BitBucket.

No

SMTP_ADDRESS

Hostname for the SMTP server, for sending emails. See SMTP

Yes

SMTP_DOMAIN

Domain for the SMTP server, for sending emails. See SMTP

Yes

SMTP_PASSWORD

Password for the SMTP server, for sending emails. See SMTP

Yes

SMTP_USERNAME

Username for the SMTP server, for sending emails. See SMTP

Yes

DECIDIM_APPLICATION_NAME

Default name (shown in the browser’s title status and search engines) for the Decidim instance.

My Application Name

Yes

DECIDIM_MAILER_SENDER

Default Reply email for any email sent (transactional or newsletters).

change-me@example.org

Yes

SMTP_PORT

Port for the SMTP server, for sending emails. See SMTP

587

Yes

SMTP_STARTTLS_AUTO

Automatically use STARTTLS protocol for the SMTP server, for sending emails. See SMTP

true

Yes

SMTP_AUTHENTICATION

Type of authentication for the SMTP server, for sending emails. See SMTP

plain

Yes

QUEUE_ADAPTER

Use this var to establish the backend used to process jobs in your application.

Note that every backend requires some additional configuration steps.

Also take into account that the default value (async) is not suitable for production environments

Common values are sidekiq and delayed_job.

If you decide to use sidekiq, you can easily generate the additional required files with the --queue option in the decidim generator (delayed_job is not supported yet, but you can easily follow the official instructions).

- Check the Delayed Job info - Check the Sidekiq info

async

No

SIDEKIQ_CONCURRENCY

If you are using sidekiq as your job processor backend. You can use this var to tune the number of concurrent sidekiq processes running in parallel (this only applies if you are using the default config/sidekiq.yml file generated by the decidim generator).

Note that each process consumes a database connection. You need to be sure you infrastructure is properly configured not to exceed the concurrent number of connections that your database supports. For this matter, check also the RAILS_MAX_THREADS param if you are using Puma.

5

No

If you want to use a cloud provider to storage user uploads. this can be done via next extra configuration variables.

Different providers require extra gems to be specified in your Gemfile. You can generate a new application with the appropriated gems with the command decidim --storage=[provider] my-application.

Table 2. Optional Decidim Env Vars for cloud storage settings
Name Value Default value Multitenant’s System configurable

STORAGE_PROVIDER

Which storage provider is going to be used for the application, provides support for the most popular options. Options are local, s3 (compatible with any AWS-S3 service provider), azure (for Microsoft Cloud Storage), gcs (Google Cloud Services).

If this setting is set to any other value than local, and additional gem for the specified service must be installed in the Gemfile of your application. See the official Rails guide for details.

local

No

STORAGE_CDN_HOST

If you are using a cloud provider, having a CDN on top of it is probably a good idea. For instance, using a CloudFront distribution on top of a S3 configuration. But other services can be used as well (you can use CloudFlare for free with excellent results).

Set the protocol, host and path to your CDN and all the user-generated files (through Active Storage) will be prefixed with this instead of serving files directly from the same domain of your application.

Note that this is not the same as the RAILS_ASSET_HOST var. This other variable is used for static, compiled assets while STORAGE_CDN_HOST is for files dynamically generated within the application by users or admins.

No

AWS_ACCESS_KEY_ID

If STORAGE_PROVIDER is set to s3, define here your AWS KEY ID with permissions to access the bucket for the application.

Also, be sure to add the line gem "aws-sdk-s3", require: false in your Gemfile.

No

AWS_SECRET_ACCESS_KEY

If STORAGE_PROVIDER is set to s3, define here your AWS SECRET KEY with permissions to access the bucket for the application.

No

AWS_BUCKET

If STORAGE_PROVIDER is set to s3, define here the bucket used for uploading files and images.

No

AWS_REGION

If STORAGE_PROVIDER is set to s3, define here your region (in case your S3 provider requires it, required if AWS_ENDPOINT is empty).

No

AWS_ENDPOINT

If STORAGE_PROVIDER is set to s3, define here your endpoint (this is mandatory if using any provider that is not AWS, can be empty if using AWS and AWS_REGION is specified).

No

AZURE_STORAGE_ACCESS_KEY

If STORAGE_PROVIDER is set to azure, define here your AZURE ACCESS KEY with permissions to access the container for the application. Needs to be encoded in Base64.

Also, be sure to add the line gem "azure-storage-blob", require: false in your Gemfile.

No

AZURE_STORAGE_ACCOUNT_NAME

If STORAGE_PROVIDER is set to azure, define here your AZURE ACCOUNT NAME with permissions to access the container for the application.

No

AZURE_CONTAINER

If STORAGE_PROVIDER is set to azure, define here your AZURE CONTAINER used for uploading files and images.

No

GCS_PROJECT

If STORAGE_PROVIDER is set to gcs, define here your GOOGLE CLOUD PROJECT with permissions to access the bucket for the application.

Also, be sure to add the line gem "google-cloud-storage", "~> 1.11", require: false in your Gemfile.

GOOGLE CLOUD SERVICES require some amount of parameters. You should be able to extract them from a keyfile.json file.

No

GCS_BUCKET

If STORAGE_PROVIDER is set to gcs, define here your GOOGLE CLOUD BUCKET used for uploading files and images.

No

GCS_TYPE

If STORAGE_PROVIDER is set to gcs, define here your GOOGLE CLOUD SERVICE TYPE.

service_account

No

GCS_PROJECT_ID

If STORAGE_PROVIDER is set to gcs, define here your GOOGLE CLOUD PROJECT ID.

No

GCS_PRIVATE_KEY_ID

If STORAGE_PROVIDER is set to gcs, define here your GOOGLE CLOUD PRIVATE KEY ID.

No

GCS_PRIVATE_KEY

If STORAGE_PROVIDER is set to gcs, define here your GOOGLE CLOUD PRIVATE KEY.

No

GCS_CLIENT_EMAIL

If STORAGE_PROVIDER is set to gcs, define here your GOOGLE CLOUD CLIENT EMAIL.

No

GCS_CLIENT_ID

If STORAGE_PROVIDER is set to gcs, define here your GOOGLE CLOUD CLIENT ID.

No

GCS_AUTH_URI

If STORAGE_PROVIDER is set to gcs, define here your GOOGLE CLOUD AUTH URI (if needed)

https://accounts.google.com/o/oauth2/auth

No

GCS_TOKEN_URI

If STORAGE_PROVIDER is set to gcs, define here your GOOGLE CLOUD TOKEN URI (if needed)

https://accounts.google.com/o/oauth2/token

No

GCS_AUTH_PROVIDER_X509_CERT_URL

If STORAGE_PROVIDER is set to gcs, define here your GOOGLE CLOUD AUTH X509 CERT URI (if needed)

https://www.googleapis.com/oauth2/v1/certs

No

GCS_CLIENT_X509_CERT_URL

If STORAGE_PROVIDER is set to gcs, define here your GOOGLE CLOUD X509 CERT URI (if needed)

No

Next variables are additional services such as geolocation, etherpad and other simple integrations. Also some more refined configurations:

Table 3. Optional Decidim Env Vars for external services integrations
Name Value Default value Multitenant’s System configurable

MAPS_PROVIDER

For a simple geolocation and tile maps service configuration define this value to one of the supported providers, currently here for HERE Maps or osm for OpenStreatMap. See Maps.

No

MAPS_API_KEY

For a simple geolocation and tile maps service configuration define this value in case the provider needs it (if you are using Here Maps, you will need an API key). See Maps.

Note that if you are using the here service you do not need to do anything else. If using osm however check the rest of env vars related to maps for a proper configuration

No

MAPS_DYNAMIC_URL

If you are using a osm as a provider, you need to define this variable. Keep in mind that OpenStreetMap cannot be used directly due its non-commercial license in many cases. See Maps.

You need to define this variable if using osm as a provider, usually the URL goes in the form of https://tile.openstreetmap.org/{z}/{x}/{y}.png?key={apiKey}&{foo}

No

MAPS_STATIC_URL

If you are using a osm as a provider, you need to define this variable. Keep in mind that OpenStreetMap cannot be used directly due its non-commercial license in many cases. See Maps.

You need to define this variable if using osm as a provider, usually the URL goes in the form of http://staticmap.openstreetmap.de/

https://image.maps.ls.hereapi.com/mia/1.6/mapview (only if using Here Maps)

No

MAPS_ATTRIBUTION

If you are using a osm as a provider, you need to define this variable. OpenStreeMap requires you to show the credits and that is what this does. See Maps.

You need to define this variable if using osm as a provider, the next text is a pretty common value: <a href="https://www.openstreetmap.org/copyright" target="_blank">© OpenStreetMap</a> contributors

No

MAPS_EXTRA_VARS

Some providers may require you to send additional variables in the dynamic tile request (custom api keys, secrets, etc). Use this to do that, you can define as many pairs of "variable"/"value" in a URL-encoded string. See Maps.

Note that to defined this variable might not be necessary in most cases, if you do it must look something like api_key=true&foo=bar%3Dbaz

No

MAPS_GEOCODING_HOST

If you are using a osm as a provider, you need to define this variable to define the geocoder service to to translate addresses into latitude/longitude coordinates. See Maps.

You need to define this variable if using osm as a provider, usually the URL goes in the form of https://nominatim.openstreetmap.org

No

MAPS_DYNAMIC_PROVIDER

For advanced cases, you can define this value instead or in combination of MAPS_PROVIDER (which will be the default). This allows to set up different providers for the static tile provider than the dynamic. See Maps.

Note that you do not need to define this variable for the most common, simple, one provider cases.

No

MAPS_STATIC_PROVIDER

For advanced cases, you can define this value instead or in combination of MAPS_PROVIDER (which will be the default). This allows to set up different providers for the static tile provider than the dynamic. See Maps.

Note that you do not need to define this variable for the most common, simple, one provider cases.

No

MAPS_STATIC_API_KEY

For advanced cases, you can define this value instead or in combination of MAPS_API_KEY (which will be the default). This allows to set up different providers for the static tile provider than the dynamic requiring different API KEYS. See Maps.

Note that you do not need to define this variable for the most common, simple, one provider cases.

No

MAPS_DYNAMIC_API_KEY

For advanced cases, you can define this value instead or in combination of MAPS_API_KEY (which will be the default). This allows to set up different providers for the static tile provider than the dynamic requiring different API KEYS. See Maps.

Note that you do not need to define this variable for the most common, simple, one provider cases.

No

ETHERPAD_SERVER

URL for an Etherpad.org server to integrate in Decidim for collaborative, real time writing events. See Etherpad.

No

ETHERPAD_API_KEY

API key for communicating with the Etherpad server. See Etherpad.

No

ETHERPAD_API_VERSION

Etherpad API version, this is unlikely to be needed to be changed. See Etherpad.

1.2.1

No

OMNIAUTH_FACEBOOK_APP_ID

App ID for enabling access through Facebook.com accounts. See Social Providers. Note that defining this variable automatically renders the "login with" button.

Yes

OMNIAUTH_FACEBOOK_APP_SECRET

App Secret for enabling access through Facebook.com accounts. See Social Providers.

Yes

OMNIAUTH_GOOGLE_CLIENT_ID

Client ID for enabling access through Google.com accounts. See Social Providers.

Yes

OMNIAUTH_GOOGLE_CLIENT_SECRET

Client Secret for enabling access through Google.com accounts. See Social Providers.

Yes

OMNIAUTH_TWITTER_API_KEY

API Key for enabling access through Twitter.com accounts. See Social Providers.

Yes

OMNIAUTH_TWITTER_API_SECRET

API Secret for enabling access through Twitter.com accounts. See Social Providers.

Yes

BULLETIN_BOARD_SERVER

The full URL to identify a Bulletin Board Server. It must point to the Graphql API (ie: https://bulletinboard.example.org/api) See Elections Bulletin Board.

No

BULLETIN_BOARD_PUBLIC_KEY

The public RSA key used to verify the Bulletin Board Server. See Elections Bulletin Board.

No

BULLETIN_BOARD_API_KEY

An additional API key to add additional security with the communications with the Elections Bulletin Board Server. See Elections Bulletin Board.

No

AUTHORITY_NAME

The name of the Authority registered in the Bulletin Board Server corresponding to this Decidim instance. See Elections Bulletin Board.

No

AUTHORITY_PRIVATE_KEY

The private RSA key of this Decidim instance corresponding to the Authority public key registered in the Bulletin Board Server. See Elections Bulletin Board.

No

ELECTIONS_SCHEME_NAME

The type of strategy used in the Bulletin Board Server used for encrypting the Election. Currently only electionguard is available for production See Elections Bulletin Board.

electionguard

No

ELECTIONS_NUMBER_OF_TRUSTEES

Number of trustees for electionguard election scheme, minimum number is 2. See Elections Bulletin Board.

No

ELECTIONS_QUORUM

Number of trustees required to be present in order to decrypt an election in case of the electionguard scheme. Minimum is 2, maximum the number of trustees. See Elections Bulletin Board.

No

ELECTIONS_SETUP_MINIMUM_HOURS_BEFORE_START

Public Setting that defines how many hours should the setup be run before the election starts

3

No

ELECTIONS_START_VOTE_MAXIMUM_HOURS_BEFORE_START

Public Setting that defines how many hours the ballot box can be opened before the election starts

6

No

ELECTIONS_VOTER_TOKEN_EXPIRATION_MINUTES

How long any time of message sent to the bulletin board will be valid for any kind of processing.

120

No

VOTINGS_CHECK_CENSUS_MAX_REQUESTS

Max requests in a time period to check the census. Only applied in production and test.

5

No

VOTINGS_THROTTLING_PERIOD

Time window in which the VOTINGS_CHECK_CENSUS_MAX_REQUESTS throttling is applied (in minutes).

1

No

VOTINGS_CENSUS_ACCESS_CODES_EXPORT_EXPIRY_TIME

How long the census access codes export file will are available in the server (in days)

2

No

VAPID_PUBLIC_KEY

VAPID public key that will be used to sign the Push API requests. It can be generated running the task: rails decidim:pwa:generate_vapid_keys

No

VAPID_PRIVATE_KEY

VAPID private key that will be used to sign the Push API requests. It can be generated running the task: rails decidim:pwa:generate_vapid_keys

No

Table 4. Additional Optional Decidim Env Vars for the setting up the application
Name Value Default value Multitenant’s System configurable

DECIDIM_AVAILABLE_LOCALES

a list of, coma separated, locales that will be available for each organization configured in the System configuration. Check for the Supported values in ISO639 format.

Be careful while setting up this value, you can easily shoot yourself in the food as Decidim will crash if one of the languages is not supported

ca, cs, de, en, es, eu, fi, fr, it, ja, nl, pl, pt, ro

Partially, Only when creating a new organization the admin needs to choose between these values

DECIDIM_DEFAULT_LOCALE

The default locale to be used as a fallback (note that, in practice, this value must always be defined in the System configuration for each organization anyway).

Note that DECIDIM_AVALABLE_LOCALES must include this value

en

Partially, Only when creating a new organization

DECIDIM_FORCE_SSL

By default, Decidim enforces a SSL connection (https), sometimes it is necessary to disable it in order to handle this through a proxy system (note that use Decidim without SSL at all is NOT RECOMMENDED). This value can take 3 values:

auto: Will be true for Rails Production or Staging environments and false for development or test. If undefined, defaults to this value.

true: Will redirect to HTTPS always

false: Will not redirect to HTTPS

auto

No

DECIDIM_ENABLE_HTML_HEADER_SNIPPETS

Set to true in order to allow administrators to define an arbitrary custom HTML code in the <head></head> section any Decidim page.

The most common use is to integrate third-party services that require some extra JavaScript or CSS. Also, you can use it to add extra meta tags to the HTML. Note that this will only be rendered in public pages, not in the admin section.

Before enabling this you should ensure that any tracking that might be done is in accordance with the rules and regulations that apply to your environment and usage scenarios. This component also comes with the risk that an organization’s administrator injects malicious scripts to spy on or take over user accounts.

No

DECIDIM_CURRENCY_UNIT

Currency unit is used in view showing monetary actions, such as budgets. It does not affect any internal calculations.

No

DECIDIM_CORS_ENABLED

The SVG do not support CORS. When using custom asset host different than root url, set this value to true, in order to activate the available workaround.

false

No

DECIDIM_IMAGE_UPLOADER_QUALITY

Defines the quality of image uploads after processing. Image uploads are processed by Decidim, this value helps reduce the size of the files.

80

No

DECIDIM_CACHE_EXPIRATION_TIME

The default number of minutes where a cache in Decidim will be applied (currently Decidim applies cache to some pieces of html called cells). If empty has no expiration time (but you can clear the cache anytime with the command rails tmp:clear). Note that zero ("0") is different than an empty string and it will disable the cache completely.

1440

No

DECIDIM_STATS_CACHE_EXPIRATION_TIME

Same as before but for the default number of minutes for html that displays stats.

10

No

DECIDIM_MAXIMUM_ATTACHMENT_SIZE

The maximum file size of an attachment (in Megabytes).

Mind that this depends on your environment, for instance you could also need to change your web server configuration (nginx, apache, etc).

10

Yes

DECIDIM_MAXIMUM_AVATAR_SIZE

The maximum file size for a user avatar (in Megabytes).

Mind that this depends on your environment, for instance you could also need to change your web server configuration (nginx, apache, etc).

5

Yes

DECIDIM_MAX_REPORTS_BEFORE_HIDING

The number of reports which a resource can receive before hiding it. This affects moderations for resources such as proposals or users (spammers).

3

No

DECIDIM_TRACK_NEWSLETTER_LINKS

Allow organizations admins to track newsletter links, trough UTMs. See UTM parameters in Wikipedia. Set it to true or false, if undefined defaults to true.

true

No

DECIDIM_DOWNLOAD_YOUR_DATA_EXPIRY_TIME

Number of days that the download your data files will be available in the server.

7

No

DECIDIM_THROTTLING_MAX_REQUESTS

Max requests in a time period to prevent DoS attacks. Only applied on production. Note that this is used by the Gem Rack::Attack and blocks are based on the detected remote IP. Different proxy configurations (such as load balancers) may affect this, we recommend to read the documentation for this gem.

100

No

DECIDIM_THROTTLING_PERIOD

Time window (in number of minutes) in which the throttling is applied.

1

No

DECIDIM_UNCONFIRMED_ACCESS_FOR

Time window (in number of days) were users can access the website even if their email is not confirmed.

0

No

DECIDIM_SYSTEM_ACCESSLIST_IPS

For extra security, restrict access to the system part with an authorized ip list.

You can use a single ip like 1.2.3.4, or an ip subnet like 1.2.3.4/24 You may specify multiple ip in an array, separating by commas, such as 1.2.3.4, 1.2.3.4/24

No

DECIDIM_BASE_UPLOADS_PATH

A base path for the uploads. If set, make sure it ends in a slash. Uploads will be set to <base_path>/uploads/. This can be useful if you want to use the same uploads place for both staging and production environments, but in different folders.

If not set, it will be ignored.

No

DECIDIM_DEFAULT_CSV_COL_SEP

Sets Decidim::Exporters::CSV’s default column separator. This is used in general in any activity that generates a CSV file.

;

No

DECIDIM_CONSENT_COOKIE_NAME

Defines the name of the cookie used to check if the user allows Decidim to set cookies. This is needed due the GDPR regulations.

decidim-cc

No

DECIDIM_EXPIRE_SESSION_AFTER

In minutes, How long can a user remained logged in before the session expires.

Notice that this is also maximum time that user can idle before getting automatically signed out.

30

No

DECIDIM_ENABLE_REMEMBER_ME

If set to true, users have option to "remember me".

Notice that expire_session_after will not take effect when the user wants to be remembered.

true

No

DECIDIM_SESSION_TIMEOUT_INTERVAL

In seconds, defines how often session_timeouter.js checks time between the current moment and the last request. This is a periodic poll method (performed by a JS script) that is used to show users an alert that the session is about to expire after a period of inactivity.

10

No

DECIDIM_FOLLOW_HTTP_X_FORWARDED_HOST

Exposes a configuration option: HTTP_X_FORWADED_HOST header follow-up.

If a caching system is in place, it can also allow cache and log poisoning attacks, allowing attackers to control the contents of caches and logs that could be used for other attacks.

false

No

DECIDIM_MAXIMUM_CONVERSATION_MESSAGE_LENGTH

The maximum length (number of characters) for conversation messages. Conversations are private threads between two or more users or groups.

This does not affect comments as its length can be configured by administrators in the component’s settings.

1000

No

DECIDIM_DENIED_PASSWORDS

List of Denied passwords. Array may contain strings and regex entries.

Separate each item of the array with a comma AND a space, for instance: i-do-not-like-this-password, i-do-not-like-this-one-either, password123456

No

DECIDIM_PASSWORD_SIMILARITY_LENGTH

Amount of characters required by parts of a domain (site or email / separated by a dot) for them to be taken into account during a password validation

4

No

DECIDIM_SOCIAL_SHARE_SERVICES

The social networking services that will be available when using the "Share" feature on some resources.

See Social shares services documentation

X, Facebook, WhatsApp, Telegram

No

DECIDIM_ALLOW_OPEN_REDIRECTS

Disable the redirection to the external host when performing redirect back.

This is not recommended to activate unless you know what you are doing

More details at Rails issue #39643

Additional context: This has been revealed as an issue during a security audit on the Future of Europe installation

false

No

DECIDIM_ADMIN_PASSWORD_STRONG

Enable strong password rules for admin users.

true

No

DECIDIM_ADMIN_PASSWORD_EXPIRATION_DAYS

Defines how many days admin passwords are valid before they need to be reset. If you want to disable password expiration, you can set this value to 0.

90

No

DECIDIM_ADMIN_PASSWORD_REPETITION_TIMES

Defines how many previous passwords are compared against new admin user passwords.

5

No

DECIDIM_ADMIN_PASSWORD_MIN_LENGTH

The minimum character length for admin user passwords.

15

No

DECIDIM_SERVICE_WORKER_ENABLED

Enable/Disable the service worker. This is used to enable offline support and to deliver push notifications. In development it is recommended to be disabled because its aggresive cache configuration might cause some issues when submitting forms.

false

No

Table 5. Optional Env Vars fine tuning some Decidim modules (such the API or Proposal behaviors)
Name Value Default value Multitenant’s System configurable

API_SCHEMA_MAX_PER_PAGE

Set this number to define the default limit for the number of items returned and queried from the database in any collection returned in the GraphQL API.

50

No

API_SCHEMA_MAX_COMPLEXITY

Complexity is a number based on the GraphQL query sent to the API. Too complex queries may cause a degradation of performance, lower or increase this number according your needs.

5000

No

API_SCHEMA_MAX_DEPTH

GraphQL nested queries can generated equally deeply nested queries on the database. To prevent this set this limit to prevent too unperformant queries.

15

No

PROPOSALS_SIMILARITY_THRESHOLD

When users create proposals, there are presented with a list of alternative, similar, proposals already created. Similarity goes from 0 (no similar at all) to 1 (exactly the same content).

Lower this number to require less coincidences between the texts to create the alternative list. Increase this number to force the alternative proposal be very similar in order to be considered an alternative.

Using a very high number (ie: 0.99) can effectively deactivate the comparison step when creating proposals.

0.25

No

PROPOSALS_SIMILARITY_LIMIT

Max number of proposals from the alternative, similar, proposals to be presented to the user.

10

No

PROPOSALS_PARTICIPATORY_SPACE_HIGHLIGHTED_PROPOSALS_LIMIT

Number of proposals to be shown in blocks with highlighted content across different participatory spaces.

4

No

PROPOSALS_PROCESS_GROUP_HIGHLIGHTED_PROPOSALS_LIMIT

Number of proposals to be shown in blocks with highlighted content in processes groups only.

3

No

MEETINGS_UPCOMING_MEETING_NOTIFICATION

Number of days before scheduled to send a reminder notification to users registered in a meeting.

2

No

MEETINGS_ENABLE_PROPOSAL_LINKING

If true, enables several relationships between meetings and proposals. By default is active if Proposals are active (which is true always at the moment).

We recommend not to tamper with this setting unless you know what are you doing

auto

No

MEETINGS_EMBEDDABLE_SERVICES

A list (separated by spaces) of allowed services that can be embedded in a iframe when creating an online meeting.

www.youtube.com www.twitch.tv meet.jit.si

No

BUDGETS_ENABLE_PROPOSAL_LINKING

If true, enables several relationships between budgets and proposals. By default is active if Proposals are active (which is true always at the moment).

We recommend not to tamper with this setting unless you know what are you doing

auto

No

ACCOUNTABILITY_ENABLE_PROPOSAL_LINKING

If true, enables several relationships between the accountability module and proposals. By default is active if Proposals are active (which is true always at the moment).

We recommend not to tamper with this setting unless you know what are you doing

auto

No

INITIATIVES_CREATION_ENABLED

If false, regular users cannot create initiatives.

true

No

INITIATIVES_SIMILARITY_THRESHOLD

Acts as the proposals similarity threshold, use a number between 0 and 1 to establish how similar have to be 2 initiatives to be listed the alternate list.

0 will require no similarity at all 1 will require for two initiatives to contain exactly the same text

0.25

No

INITIATIVES_SIMILARITY_LIMIT

Number of similar initiatives presented to the user before publishing a new one.

5

No

INITIATIVES_MINIMUM_COMMITTEE_MEMBERS

Minimum number of committee members required to pass the initiative to technical validation phase. Only applies to initiatives created by individuals.

2

No

INITIATIVES_DEFAULT_SIGNATURE_TIME_PERIOD_LENGTH

Number of days available to collect supports after an initiative has been published.

120

No

INITIATIVES_DEFAULT_COMPONENTS

Components enabled by default for a new initiative (administrators can add more).

pages, meetings

No

INITIATIVES_FIRST_NOTIFICATION_PERCENTAGE

Notifies when the given percentage of supports is reached for an initiative.

33

No

INITIATIVES_SECOND_NOTIFICATION_PERCENTAGE

Notifies when the given percentage of supports is reached for an initiative.

66

No

INITIATIVES_STATS_CACHE_EXPIRATION_TIME

Sets the expiration time for the statistic data.

5

No

INITIATIVES_MAX_TIME_IN_VALIDATING_STATE

Maximum amount of time in validating state.

After this time the initiative will be moved to discarded state.

60

No

INITIATIVES_PRINT_ENABLED

Print functionality enabled. Allows users to get a printed version of the initiative.

false

No

INITIATIVES_DO_NOT_REQUIRE_AUTHORIZATION

If true, This flag allows creating initiatives to unauthorized users.

false

No

Table 6. Optional Env Vars for extra Rails configuration
Name Value Default value Multitenant’s System configurable

RAILS_LOG_TO_STDOUT

If defined (value is indifferent) it will show the log content on the shell Standard Out. It is special relevant on certain hosting providers (for example, Heroku or Docker). It is also part of 12factor’s recommendations.

No

RAILS_SERVE_STATIC_FILES

If defined (value is indifferent) it will serve static files present in the public folder of Rails. It is special relevant on certain hosting providers (for example, Heroku or Docker).

No

RAILS_LOG_LEVEL

The log level for the application. This makes more or less verbose the logger. Usually, it is a good choice to use info after a period of testing a production application.

It must be one of these: debug, info, warn, error, fatal

Note that this only applies to production environments.

debug

No

RAILS_ASSET_HOST

If you use a CDN or another type of assets management, you can specify the host (and path) for it so, instead of Rails serving your assets (CSS, Javascript, Images) will use your custom system. For instance https://assets.example.org

No

PORT

Specifies the port that Puma will listen on to receive requests. This does not apply to alternative application servers such as Passenger.

3000

No

RAILS_MAX_THREADS

Specifies the maximum number of concurrent database connections and threads that Puma will use to serve requests. Please refer to Database pooling at Rails Guides for more information.

5

No

REDIS_URL

If using Sidekiq as a queue adapter for processing background jobs, a Redis database is needed. Sidekiq uses this env var if defined, if not defaults to localhost:6379. Please refer to Sidekiq documentation for more information.

5

No

Please take care that all these configurations would be the defaults but some of these could also be changed on a Multitenant’s System configuration (for instance SMTP or OAUTH providers).