Flix Server Options
This is the full list of options for the config.yml server configuration file.
Required Options
The following options must be specified to run a Flix server.
hostname - IP address or fqdn for the Flix Server to run on, e.g. flix001.mycompany.com or localhost
Note: You will need to make sure that the hostname option is set to a publicly available hostname or IP address. We recommend a fully qualified domain name and unique hostname for each server.
http_port - The port number for the Flix Server HTTP API to run on. By default, this port is set to 8080.
Note: Ensure that Flix Server is accessible through the server's firewall to connect to it. Refer to the Opening ports on your firewall for Flix communication Knowledge Base article for more information on how to open ports through a firewall.
Tip: We recommend pinging the Flix server hostname via the command line to test for accessibility to the server.
client_transfer_port - The port number the server listens on for RPC transfers from the Flix Client transfer utility. By default, this port is set to 9091. You only need to add this option if you want to change the default port.
mysql_hostname - Address of the db server, IP or fqdn.
mysql_username - MySQL username with access to the Flix schema
mysql_password - MySQL password
MySQL
mysql_port - Port number for the MySQL database. Default: 3306
mysql_database - Name of the database for Flix. Default: flix
db_backup_directory - Provides an alternate path to where the database backup file is created. For example: /var/flix/db_backups.
mysql_max_connections - Maximum number of active connections allowed to the MySQL database per server. Default is 70.
Asset Storage
asset_directory - Path to where assets should be stored. Defaults to the Flix Server install directory
shared_storage - Configures server to use shared storage for Flix assets.
Note: If switching from local to shared storage, you will also need to migrate your assets for Flix Server to pick them up with the new configuration. Refer to Migrating Assets When Switching to a New Assets Directory for more information.
Licensing
floating_license_hostname - Address of the license server (if using floating licensing)
floating_license_port - Port number for the license server to run on (if using floating licensing)
licence_directory - Path to the license (if using node-locked licensing)
Authentication
LDAP (Lightweight Directory Access Protocol)
For guidance on formatting, please refer to the example at the end of this section.
The following options must be specified to run a Flix server.
use_ldap (optional) - This turns on or off the LDAP authentication method for this server. Values: true or false.
base - The base dn is the point from where a server searches for users in your LDAP/AD. You must supply at least the Domain Component (DC).
host - The hostname or IP address of your LDAP/AD server.
port (optional) - The port number to be used when connecting to the LDAP/AD server.
use_ssl (optional) -This indicates whether or not to use SSL/TLS when connecting to your LDAP/AD server. Values: true or false.
bind_user (optional) - This is an account that binds to the LDAP server and performs user and group searches. It can be a read-only account. Make sure the bind user you want to use has permissions to search through the desired paths. The value of this setting can be in one of the following formats:
username
cn=username,dc=domain,dc=com
username@domain
bind_pass (optional) - The password for the name provided in bind_user. If you don't use bind_user, or if it does not require a password, you don't need to set this.
self_auth (optional) - If this is set, bind_user and bind_pass are ignored. Instead, Flix attempts to use the username and password from the user logging in to bind.
User Search
dn (optional) - DN from where to start the search from. If this value is not set the base will be used.
filter (optional) - Filter to apply when searching the directory. Specify the objectClass for your users. The default value is: (objectClass=organizationalPerson)
user_attr - The attribute to use for the username matching for the authentication. On most AD servers, the default setting is - sAMAccountName.
name_attr (optional) - The attribute used to return the user's full name. On most AD servers, the default setting is - displayName.
email_attr - Defines a custom attribute for the user email address to be retrieved from, other than the default 'mail' attribute. This might be useful in cases when the mail field is used for personal email addresses and the cn field for company email addresses.
Note: It is not currently possible to specify which users/groups should be notified upon Editorial publishes. However, the email_attr option does make it possible to retrieve a different mail attribute for users, which can remain blank in LDAP for those who don’t wish to receive notifications for Editorial publishes.
Group Search
dn (optional) - DN from where to start the search from. If this value is not set the 'base' will be used.
filter (optional) - Filter to apply when searching the directory. The default value is empty.
user_attr - The name of the attribute from the user search which can be found in a group attribute such as member. Common values are distingishedName, uid, sAMAccountName.
group_attr - The group attribute that has the same value as the user attribute set above. On most AD servers the default setting is 'member'.
name_attr (optional) - The name of the group. On most AD servers the default setting is either 'name', 'cn' or even 'description'.
group_prefix (optional) - Only groups that start with this string will be added to Flix when a user logs in.
group_suffix (optional) - Only groups that end with this string will be added to Flix when a user logs in.
Auto-assign Group-Role Pairs
LDAP groups can be used to automatically assign group-role pairs. This is done by a new YAML section within the LDAP section roles. See Example LDAP Flix Config File for more information.
Additionally, four optional fields have been added:
allowed_users - an explicit list of LDAP usernames which are permitted to log into Flix (cannot be set if blocked_users is set).
blocked_users - an explicit list of LDAP usernames which are not permitted to log into Flix (cannot be set if allowed_users is set).
required_groups - a list of groups users must have to be permitted to log into Flix, users must have all groups in this list. Cannot be set if forbidden_groups is set.
forbidden_groups - a list of groups which if a user has any of, that user will not be permitted to log into Flix. Cannot be set if required_groups is set.
Example LDAP Flix Config File
Note: This example is for illustration purposes. The entry preceding the ':' is a key that Flix reads, which needs to be named as in the example, but the entry following the ':' follows the exact naming of the attribute name in your AD.
ldap: use_ldap: true base: dc=flix,dc=ad host: 10.10.10.10 port: 385 use_ssl: false self_auth: false bind_user: CN=Flix,OU=Flix-Users,DC=flix,DC=ad bind_pass: PASSWORD user_search: dn: OU=Flix-Users,DC=flix,DC=ad filter: (objectClass=organizationalPerson) user_attr: sAMAccountName name_attr: displayName email_attr: description group_search: dn: OU=Groups,DC=flix,DC=ad filter: (objectClass=group) user_attr: distinguishedName name_attr: name group_attr: member group_prefix: flix- group_suffix: -flix roles: - role: Show manager group_suffix: "Manager" - role: View only group_suffix: "Readonly" - role: Regular user group_prefix: "Flix" - role: View only # fallback role
smtp_hostname - The hostname e.g., smtp.gmail.com
smtp_port - Port number e.g., 465
smtp_username (optional) - SMTP email address e.g., example@email.com
smtp_password (optional) - SMTP password e.g., MyP@ssword
smtp_send_from - Sets the email address Flix uses for notifications, e.g., flix_publishes@mycompany.com
Note: If the smtp_username and smtp_password config options are not set, Flix Server attempts to connect to the smtp server without authenticating when sending notification emails.
HTTPS
ca_file - Add this option and the path to a CA certificate file if using self-signed certificates.
cert - Add this option and the path to a TLS certificate file (public key).
key - Add this option and the path to the TLS key file (private key).
Logs
max-log-mb - Sets default log file size to 5 MB. After this data limit is reached, the log file rotates and the older data is split off and stored in archived logs.
log_file - Sets the filename and location for server logs. The CLI flag will make the directory if it doesn't exist. For example: /var/flix/logs/serverlogs.log.
log thread info - Determines what information is included in the logs using 'true' to include and 'false' to exclude. All values are true by default.
• user - the user who started that 'thread' of function calls.
• client_id - the Flix client ID.
• server - the originating server.
Other
font_directory - Path to access fonts
flix5_compatible_imports - Use in Flix 6 when reconforming Avid AAFs created in Flix 5 to relink correct panels.
webhooks - Custom event-based API triggers that automate standard processes can be enabled or disabled on a per-server basis using the enabled: true or false options.
See http://docs.flix-dev.com/#tag/Webhook and https://pypi.org/project/flix-sdk/ for more details on Flix's API and the flix-sdk package.