Flix Server Options

This is the full list of options for the config.yml server configuration file.

Required Options

The following options must be specified to run a Flix server.

hostname - IP address or fqdn for the Flix Server to run on, e.g. flix001.mycompany.com or localhost

Note:  You will need to make sure that the hostname option is set to a publicly available hostname or IP address. We recommend a fully qualified domain name and unique hostname for each server.

http_port - The port number for the Flix Server HTTP API to run on. By default, this port is set to 8080.

Note:  Ensure that Flix Server is accessible through the server's firewall to connect to it. Refer to the Opening ports on your firewall for Flix communication Knowledge Base article for more information on how to open ports through a firewall.

Tip:   We recommend pinging the Flix server hostname via the command line to test for accessibility to the server.

client_transfer_port - The port number the server listens on for RPC transfers from the Flix Client transfer utility. By default, this port is set to 9091. You only need to add this option if you want to change the default port.

mysql_hostname - Address of the db server, IP or fqdn.

mysql_username - MySQL username with access to the Flix schema

mysql_password - MySQL password

MySQL

mysql_port - Port number for the MySQL database. Default: 3306

mysql_database - Name of the database for Flix. Default: flix

db_backup_directory - Provides an alternate path to where the database backup file is created. For example: /var/flix/db_backups.

mysql_max_connections - Maximum number of active connections allowed to the MySQL database per server. Default is 70.

Asset Storage

asset_directory - Path to where assets should be stored. Defaults to the Flix Server install directory

shared_storage - Configures server to use shared storage for Flix assets.

Note:  If switching from local to shared storage, you will also need to migrate your assets for Flix Server to pick them up with the new configuration. Refer to Migrating Assets When Switching to a New Assets Directory for more information.

Licensing

floating_license_hostname - Address of the license server (if using floating licensing)

floating_license_port - Port number for the license server to run on (if using floating licensing)

licence_directory - Path to the license (if using node-locked licensing)

Authentication

LDAP (Lightweight Directory Access Protocol)

For guidance on formatting, please refer to the example at the end of this section.

The following options must be specified to run a Flix server.

use_ldap (optional) - This turns on or off the LDAP authentication method for this server. Values: true or false.

base - The base dn is the point from where a server searches for users in your LDAP/AD. You must supply at least the Domain Component (DC).

host - The hostname or IP address of your LDAP/AD server.

port (optional) - The port number to be used when connecting to the LDAP/AD server.

use_ssl (optional) -This indicates whether or not to use SSL/TLS when connecting to your LDAP/AD server. Values: true or false.

bind_user (optional) - This is an account that binds to the LDAP server and performs user and group searches. It can be a read-only account. Make sure the bind user you want to use has permissions to search through the desired paths. The value of this setting can be in one of the following formats:

username
cn=username,dc=domain,dc=com
username@domain

bind_pass (optional) - The password for the name provided in bind_user. If you don't use bind_user, or if it does not require a password, you don't need to set this.

self_auth (optional) - If this is set, bind_user and bind_pass are ignored. Instead, Flix attempts to use the username and password from the user logging in to bind.

User Search

dn (optional) - DN from where to start the search from. If this value is not set the base will be used.

filter (optional) - Filter to apply when searching the directory. Specify the objectClass for your users. The default value is: (objectClass=organizationalPerson)

user_attr - The attribute to use for the username matching for the authentication. On most AD servers, the default setting is - sAMAccountName.

name_attr (optional) - The attribute used to return the user's full name. On most AD servers, the default setting is - displayName.

email_attr - Defines a custom attribute for the user email address to be retrieved from, other than the default 'mail' attribute. This might be useful in cases when the mail field is used for personal email addresses and the cn field for company email addresses.

Note:  It is not currently possible to specify which users/groups should be notified upon Editorial publishes. However, the email_attr option does make it possible to retrieve a different mail attribute for users, which can remain blank in LDAP for those who don’t wish to receive notifications for Editorial publishes.

Group Search

dn (optional) - DN from where to start the search from. If this value is not set the 'base' will be used.

filter (optional) - Filter to apply when searching the directory. The default value is empty.

user_attr - The name of the attribute from the user search which can be found in a group attribute such as member. Common values are distingishedName, uid, sAMAccountName.

group_attr - The group attribute that has the same value as the user attribute set above. On most AD servers the default setting is 'member'.

name_attr (optional) - The name of the group. On most AD servers the default setting is either 'name', 'cn' or even 'description'.

group_prefix (optional) - Only groups that start with this string will be added to Flix when a user logs in.

group_suffix (optional) - Only groups that end with this string will be added to Flix when a user logs in.

Auto-assign Group-Role Pairs

LDAP groups can be used to automatically assign group-role pairs. This is done by a new YAML section within the LDAP section roles. See Example LDAP Flix Config File for more information.

Additionally, four optional fields have been added:

allowed_users - an explicit list of LDAP usernames which are permitted to log into Flix (cannot be set if blocked_users is set).

blocked_users - an explicit list of LDAP usernames which are not permitted to log into Flix (cannot be set if allowed_users is set).

required_groups - a list of groups users must have to be permitted to log into Flix, users must have all groups in this list. Cannot be set if forbidden_groups is set.

forbidden_groups - a list of groups which if a user has any of, that user will not be permitted to log into Flix. Cannot be set if required_groups is set.

Example LDAP Flix Config File

Note:  This example is for illustration purposes. The entry preceding the ':' is a key that Flix reads, which needs to be named as in the example, but the entry following the ':' follows the exact naming of the attribute name in your AD.

ldap:
  use_ldap: true
  base: dc=flix,dc=ad
  host: 10.10.10.10
  port: 385
  use_ssl: false
  self_auth: false
  bind_user: CN=Flix,OU=Flix-Users,DC=flix,DC=ad
  bind_pass: PASSWORD
  user_search:
    dn: OU=Flix-Users,DC=flix,DC=ad
    filter: (objectClass=organizationalPerson)
    user_attr: sAMAccountName
    name_attr: displayName
    email_attr: description
  group_search:
    dn: OU=Groups,DC=flix,DC=ad
    filter: (objectClass=group)
    user_attr: distinguishedName
    name_attr: name
    group_attr: member
    group_prefix: flix-
    group_suffix: -flix
  roles:
    - role: Show manager
      group_suffix: "Manager"
    - role: View only
      group_suffix: "Readonly"
    - role: Regular user
      group_prefix: "Flix"
    - role: View only # fallback role

Email

smtp_hostname - The hostname e.g., smtp.gmail.com

smtp_port - Port number e.g., 465

smtp_username (optional) - SMTP email address e.g., example@email.com

smtp_password (optional) - SMTP password e.g., MyP@ssword

smtp_send_from - Sets the email address Flix uses for notifications, e.g., flix_publishes@mycompany.com

Note:  If the smtp_username and smtp_password config options are not set, Flix Server attempts to connect to the smtp server without authenticating when sending notification emails.

HTTPS

ca_file - Add this option and the path to a CA certificate file if using self-signed certificates.

cert - Add this option and the path to a TLS certificate file (public key).

key - Add this option and the path to the TLS key file (private key).

Logs

max-log-mb - Sets default log file size to 5 MB. After this data limit is reached, the log file rotates and the older data is split off and stored in archived logs.

log_file - Sets the filename and location for server logs. The CLI flag will make the directory if it doesn't exist. For example: /var/flix/logs/serverlogs.log.

log thread info - Determines what information is included in the logs using 'true' to include and 'false' to exclude. All values are true by default.

user - the user who started that 'thread' of function calls.

client_id - the Flix client ID.

server - the originating server.

Other

font_directory - Path to access fonts

flix5_compatible_imports - Use in Flix 6 when reconforming Avid AAFs created in Flix 5 to relink correct panels.

webhooks - Custom event-based API triggers that automate standard processes can be enabled or disabled on a per-server basis using the enabled: true or false options.
See http://docs.flix-dev.com/#tag/Webhook and https://pypi.org/project/flix-sdk/ for more details on Flix's API and the flix-sdk package.