Overview #
The Namazu Elements UI is configured via environment variables that control how the frontend locates the REST API, documentation endpoint, CDN, and allowed CORS origins. These variables use the prefix dev_getelements and are resolved at startup.
Elements was originally configured via Java properties files in dot notation. In containerized deployments, environment variables bearing the dev_getelements prefix are automatically converted to dot notation at runtime. Log output reflects this dot-notation form.
Environment Variables #
The following variables configure the Elements UI. All are read at application startup.
| Variable | Description | Example |
dev_getelements_elements_api_url | Full external URL for the REST API. Must include the /api/rest path segment. The UI reads this first to initialize the REST client. | https://example.com/api/rest |
dev_getelements_elements_doc_url | Full URL for the documentation endpoint. | https://example.com/doc |
dev_getelements_elements_cdn_url | Full URL for the CDN origin. Serves as the origin for static content in the Large Object system. | https://example.com/cdn |
dev_getelements_elements_cors_allowed_origins | Comma-separated list of allowed CORS origins. Leave blank to disable CORS header injection. | (blank) |
Typical Deployment Values #
For a standard deployment at example.com, set the following:
dev_getelements_elements_api_url=https://example.com/api/rest
dev_getelements_elements_doc_url=https://example.com/doc
dev_getelements_elements_cdn_url=https://example.com/cdn
dev_getelements_elements_cors_allowed_origins=CORS Origin Behavior #
When dev_getelements_elements_cors_allowed_origins is set, the application inspects the incoming Origin request header. If the origin matches one of the listed values, the following response headers are injected:
| Header | Value Set |
Access-Control-Allow-Origin | Value of the Origin request header |
Access-Control-Allow-Headers | X-HTTP-Method-Override, Content-Type, SocialEngine-Secret, Elements-SessionSecret, Authorization |
Access-Control-Allow-Credentials | true |
Access-Control-Allow-Methods | GET, POST, PUT, PATCH, DELETE |
If the origin does not match, the CORS headers are omitted silently. No error is returned.
Notes #
- The
/api/rest(as well as other similar URI patterns) path segment indev_getelements_elements_api_urlis required and cannot be changed, even though it may appear redundant. This is known technical debt we will address in a future release. - Log output shows configuration in dot notation (e.g.,
dev.getelements.elements.api.url). This is the internal representation after env var prefix conversion and does not require any action. - In non-containerized environments, these settings can alternatively be supplied via a Java properties file using the equivalent dot-notation keys or using system defines.
- On Server startup, Namazu Elements will log all settings and their defaults. The available settings are typically specific to the version you are running. Always refer to the log output for the most accurate list of what Namazu Elements uses.