Environment Variables
Alphabetical quick-lookup table of every SIMFRA_* environment variable. For detailed descriptions of each variable and usage examples, see Configuration: Environment Variables.
| Variable | Default | Description |
|---|---|---|
SIMFRA_ADMIN_TOKEN |
(none) | Bearer token required for admin API (/_simfra/*) requests. When empty, no auth is required. |
SIMFRA_APIGW_PORT_RANGE |
10300-10399 |
Host port range for API Gateway containers. |
SIMFRA_BEDROCK_OLLAMA_IMAGE |
ollama/ollama:latest |
Docker image for the Ollama backend used by Bedrock. |
SIMFRA_BEDROCK_MODEL_MAP |
(none) | Comma-separated model=ollama_model mappings for Bedrock model resolution (e.g. mistral=mistral:7b,image=sdxl). |
SIMFRA_BOOTSTRAP |
(none) | Bootstrap mode on startup. Set to standard or a path to a Terraform directory. |
SIMFRA_CLOUDFRONT_PORT_RANGE |
10800-10899 |
Host port range for CloudFront CDN containers. |
SIMFRA_COGNITO_AUTH_PORT_RANGE |
10700-10799 |
Host port range for Cognito hosted UI containers. |
SIMFRA_CONTAINERIZED |
(auto-detected) | Set to true when Simfra itself runs inside Docker. Auto-detected via /.dockerenv. |
SIMFRA_DATA_DIR |
(none) | Directory for SQLite persistence and file-based storage. When empty, all state is in-memory only. |
SIMFRA_DEFAULT_ACCOUNT_ID |
000000000000 |
AWS account ID for the default root account created at startup. |
SIMFRA_DEFAULT_REGION |
us-east-1 |
Default AWS region used when no region is specified. |
SIMFRA_DNS_PORT_RANGE |
10000-10099 |
Host port range for DNS server containers. |
SIMFRA_DOCKER |
false |
Enable Docker-backed services (Lambda, RDS, ECS, EC2, ELBv2, etc.). |
SIMFRA_DOCKER_CLEANUP_ON_SHUTDOWN |
true |
Remove Simfra-managed containers and networks on graceful shutdown. |
SIMFRA_DOCKER_CLEANUP_ON_START |
true |
Remove stale Simfra containers and networks from previous runs on startup. |
SIMFRA_DOCKER_IMAGE_REGISTRY |
(none) | Registry prefix for all Docker images Simfra pulls - sidecars, databases, runtimes, infrastructure (e.g. registry.internal.example.com/simfra). |
SIMFRA_DOCKER_IMAGE_TAG |
(none) | Tag override for Simfra sidecar container images. |
SIMFRA_DOMAIN_SUFFIX |
simfra.dev |
Domain suffix for service-generated DNS names (ALB, CloudFront, API Gateway). |
SIMFRA_DSQL_PORT_RANGE |
11600-11699 |
Host port range for DSQL (DynamoDB SQL) containers. |
SIMFRA_EC2_IMAGE_AMAZONLINUX2023 |
amazonlinux:2023 |
Docker image for Amazon Linux 2023 EC2 instances. |
SIMFRA_EC2_IMAGE_UBUNTU |
ubuntu:latest |
Docker image for Ubuntu EC2 instances. |
SIMFRA_ELASTICACHE_IMAGE_MEMCACHED |
memcached:1.6 |
Docker image for ElastiCache Memcached nodes. |
SIMFRA_ELASTICACHE_IMAGE_REDIS |
redis:7 |
Docker image for ElastiCache Redis nodes. |
SIMFRA_ELASTICACHE_IMAGE_VALKEY |
valkey/valkey:8 |
Docker image for ElastiCache Valkey nodes. |
SIMFRA_ELBV2_PORT_RANGE |
10200-10299 |
Host port range for ELBv2 (ALB/NLB) containers. |
SIMFRA_HOST |
0.0.0.0 |
Network interface to bind the HTTP server to. |
SIMFRA_HOSTNAME |
simfra.local |
Hostname that Docker containers use to reach Simfra. |
SIMFRA_LAMBDA_IMAGE_REGISTRY |
public.ecr.aws/lambda |
Registry for Lambda runtime container images. |
SIMFRA_LOG_LEVEL |
info |
Log level: trace, debug, info, warn, error. |
SIMFRA_MQ_PORT_RANGE |
11200-11299 |
Host port range for Amazon MQ broker containers. |
SIMFRA_PERSISTENCE_KEY |
(none) | Encryption key for field-level encryption of sensitive persisted data (e.g. IAM secret access keys). |
SIMFRA_PORT |
4599 |
HTTP port for all AWS API traffic and the admin API. |
SIMFRA_RDS_IMAGE_MARIADB |
mariadb:10.11 |
Docker image for RDS MariaDB instances. |
SIMFRA_RDS_IMAGE_MYSQL |
mysql:8.0 |
Docker image for RDS MySQL instances. |
SIMFRA_RDS_IMAGE_POSTGRES |
postgres:16 |
Docker image for RDS PostgreSQL instances. |
SIMFRA_RDS_PORT_RANGE |
10400-10499 |
Host port range for RDS database containers. |
SIMFRA_REDSHIFT_PORT_RANGE |
11000-11099 |
Host port range for Redshift containers. |
SIMFRA_ROOT_ACCESS_KEY_ID |
AKIAIOSFODNN7EXAMPLE |
AWS access key ID for the default root account. |
SIMFRA_ROOT_SECRET_ACCESS_KEY |
wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY |
AWS secret access key for the default root account. |
SIMFRA_VPC_ISOLATION |
Same as SIMFRA_DOCKER |
When true, private Docker containers are not published to the host network. Host is treated as the public internet. |