PDF Render Server Configuration Options
The following properties for the PDF Render container can be configured:
Table: PDF Render Configuration Parameters
| Variable | Default Value | Required? | Availability | Description |
|---|---|---|---|---|
CLEANUP_INTERVAL | 7d | false | Configures how frequently orphaned files are automatically deleted. Defined using the Relative Time Syntax. | |
DEBUG | false | false | Enables debug logging to provide information about status and process. This may include sensitive information as part of the debug contents. | |
FORCE_LOGSCALE_BASE_URL | | false | Force the URL to use when communicating with the LogScale cluster. This will be used for connectivity checks and report request results. | |
HTTP_PROXY | false | Configures a http proxy agent for all requests from the render service to LogScale. | ||
HTTPS_PROXY | false | Configures a https proxy agent for all requests from the render service to LogScale. | ||
MAX_CONCURRENT_JOBS | 10 | false | Configures the number of concurrent reports the render service can process. This can be used to help manage the loading of the service. | |
NODE_EXTRA_CA_CERTS | false |
If the PDF render service needs additional certificates to connect
to LogScale they can be specified here. For example:
NODE_EXTRA_CA_CERTS = /etc/pdf/company.crt. Set this
variable, start the container, and then make sure the container
contains the same directory and certificate file. Finally, restart
the container.
| ||
PORT | 5,123 | false | Port number to listen on for requests | |
SERVICE_VERSION | false | Indicates the compatibility with the expected service version for LogScale. Currently unused. |
Configure PDF Render Service to use TLS/HTTPS
The PDF Render Service supports TLS/HTTPS connections for enhanced security. This enables the service to operate in secure environments with encrypted communication.
To enable TLS:
Set the following environment variables:
TLS_ENABLED=true- Enables HTTPS modeTLS_CERT_PATH=/path/to/certificate.pem- Path to TLS certificate fileTLS_KEY_PATH=/path/to/private-key.pem- Path to TLS private key fileTLS_CA_PATH=/path/to/ca-certificate.pem- Optional CA certificate path
When TLS is enabled, the service will start with HTTPS on the configured port and support TLS versions 1.2 and 1.3. The service maintains backward compatibility - when TLS_ENABLED is not set or false, it operates in HTTP mode as before.
Configuration example:
shell
export TLS_ENABLED=true
export TLS_CERT_PATH="/etc/ssl/certs/pdf-render-service.crt"
export TLS_KEY_PATH="/etc/ssl/private/pdf-render-service.key"This feature improves security for scheduled report generation in enterprise environments requiring encrypted connections.