Configuration File Reference

The Core Server's behavior is controlled by the Proxus-config.toml file. Every setting in this file can be overridden using environment variables, which is the preferred method for Docker and Kubernetes deployments.

lightbulb

Variable Mapping Rule

To override a TOML key with an environment variable:

Use the TOML section name and key, joined with a double underscore (__).
Preserve the original casing from the TOML file.
For nested sections, separate every level with __.
Examples:
- [NATS] BrokerUrl → NATS__BrokerUrl
- [Database] ConnectionString → Database__ConnectionString
- [Security.Password] MinLength → Security__Password__MinLength
- [[WEBAPI.Authentication.Jwt]] first entry's Issuer → WEBAPI__Authentication__Jwt__0__Issuer

The double underscore is the .NET convention for the configuration hierarchy separator (:), because POSIX shells do not accept : in environment variable names.

Notation Notes

Empty value still wins. NATS__BrokerUrl="" overrides the TOML value with an empty string. To fall back to the TOML value, remove the variable entirely instead of setting it to "".
TOML keys with hyphens. Some keys (for example Service__UI-Port) contain hyphens. POSIX shells reject hyphens in export X=Y syntax, so these names work only inside Docker Compose environment: lists, Kubernetes manifest env: arrays, or via inline env "Service__UI-Port=8080" ./Proxus.Server.
Array sections. TOML [[Section.Sub]] arrays are indexed numerically. The first entry's Key becomes Section__Sub__0__Key, the second Section__Sub__1__Key, and so on.
Command-line still wins. Startup arguments such as ./Proxus.Server --GatewayID=1 override both environment variables and TOML.

Core Service Settings

Controls the [Service] section. Defines the identity and network ports for the microservices.

TOML Key	Environment Variable	Type	Description
Name	`Service__Name`	String	The instance name visible in logs/cluster.
UI-Port	`Service__UI-Port`	String	HTTP port for the Management Console.
UI-HTTPS-Port	`Service__UI-HTTPS-Port`	String	HTTPS port for the Management Console.
UI-Address	`Service__UI-Address`	String	Bind address for UI (e.g., 0.0.0.0).
WEBApi-Port	`Service__WEBApi-Port`	String	HTTP port for the REST API.
WEBApi-HTTPS-Port	`Service__WEBApi-HTTPS-Port`	String	HTTPS port for the REST API.
WEBApi-Address	`Service__WEBApi-Address`	String	Bind address for API.
Server-Port	`Service__Server-Port`	String	Main gRPC port for internal comms.
Server-HTTPS-Port	`Service__Server-HTTPS-Port`	String	Secure gRPC port.
Server-Address	`Service__Server-Address`	String	Bind address for Server.
Certificate source	-	UI-managed	HTTPS certificates are selected in Administration → Certificate Store. `Proxus-config.toml` now defines ports, while certificate material is managed from the UI.

Databases

Proxus uses a hybrid storage model (Relational + Time-Series). Controls the [Database] and [ClickHouse] sections.

General Database Settings

Controls the [Database] section.

TOML Key	Environment Variable	Type	Description
ConnectionString	`Database__ConnectionString`	String	PostgreSQL connection string (Users, Config).
TelemetryDB	`Database__TelemetryDB`	String	Telemetry backend: `clickhouse` or `timescale`.
InsertStrategy	`Database__InsertStrategy`	String	`Bulk` (Recommended) or `Single`.
BulkInsertInterval	`Database__BulkInsertInterval`	Int	Buffer flush interval in ms (Default: 1000).
MaxConcurrentInserts	`Database__MaxConcurrentInserts`	Int	Max parallel write operations.
EnableDataStoreCache	`Database__EnableDataStoreCache`	Bool	Enable Level-2 caching for system tables.
TablesExcludedFromCache	`Database__TablesExcludedFromCache__0`, `…__1`, …	Array	Tables to never cache. Each array entry is set with its index (e.g., `Database__TablesExcludedFromCache__0=Log`).
DeviceRawDataRetentionPolicy	`Database__DeviceRawDataRetentionPolicy`	String	Retention period for raw data (e.g., `7d`, `1y`). `0s` = disabled.

ClickHouse Tuning

Controls the [ClickHouse] section.

TOML Key	Environment Variable	Type	Description
ClickHouseHost	`ClickHouse__ClickHouseHost`	String	Hostname of the ClickHouse server.
ClickHousePort	`ClickHouse__ClickHousePort`	Int	HTTP interface port (Default: 8123).
ClickHouseMySqlPort	`ClickHouse__ClickHouseMySqlPort`	Int	MySQL wire-protocol port (Default: 9004).
ClickHouseDatabase	`ClickHouse__ClickHouseDatabase`	String	Database name (Default: `proxus`).
ClickHouseUsername	`ClickHouse__ClickHouseUsername`	String	Auth username.
ClickHousePassword	`ClickHouse__ClickHousePassword`	String	Auth password.
ClickHouseWriteIntervalSeconds	`ClickHouse__ClickHouseWriteIntervalSeconds`	Int	Batch write frequency.
ClickHouseTTLExpression	`ClickHouse__ClickHouseTTLExpression`	String	TTL SQL expression (e.g., `toIntervalMonth(3)`).
ClickHouseLogTTLExpression	`ClickHouse__ClickHouseLogTTLExpression`	String	TTL expression for logs (e.g. `INTERVAL 45 DAY`).

[NATS]

Controls the [NATS] section.

TOML Key	Environment Variable	Type	Description
BrokerUrl	`NATS__BrokerUrl`	String	Broker connection URL (e.g., `nats://localhost:4222`).
BrokerUser	`NATS__BrokerUser`	String	Cluster username.
BrokerPassword	`NATS__BrokerPassword`	String	Cluster password.

Security & Authentication

Global Security

Controls the [Security] section.

TOML Key	Environment Variable	Type	Description
Lockout.Enabled	`Security__Lockout__Enabled`	Bool	Enable account lockout on failure.
Lockout.MaxFailedAccessAttempts	`Security__Lockout__MaxFailedAccessAttempts`	Int	Max attempts before lockout.
Lockout.DefaultLockoutTimeSpan	`Security__Lockout__DefaultLockoutTimeSpan`	Int	Lockout duration in seconds.

Password Policy

Controls the [Security.Password] section.

TOML Key	Environment Variable	Type	Description
MinLength	`Security__Password__MinLength`	Int	Minimum characters.
MaxLength	`Security__Password__MaxLength`	Int	Maximum characters.
RequireUppercase	`Security__Password__RequireUppercase`	Int	Count of uppercase chars required.
RequireLowercase	`Security__Password__RequireLowercase`	Int	Count of lowercase chars required.
RequireDigits	`Security__Password__RequireDigits`	Int	Count of digits required.
RequireSpecialCharacters	`Security__Password__RequireSpecialCharacters`	Int	Count of symbols required.
AllowedSpecialCharacters	`Security__Password__AllowedSpecialCharacters`	String	List of valid symbols (e.g., `!@#$%`).
PasswordHistory	`Security__Password__PasswordHistory`	Int	Number of past passwords to remember.
PasswordExpirationDays	`Security__Password__PasswordExpirationDays`	Int	Days before password expires.
PasswordExpirationWarningDays	`Security__Password__PasswordExpirationWarningDays`	Int	Days to warn before expiration.
PreventCommonPasswords	`Security__Password__PreventCommonPasswords`	Bool	Block dictionary words.
PreventKeyboardPatterns	`Security__Password__PreventKeyboardPatterns`	Bool	Block patterns like `qwerty` or `12345`.
PreventRepeatedCharacters	`Security__Password__PreventRepeatedCharacters`	Bool	Block `aaaaa`.
MaxRepeatedCharacters	`Security__Password__MaxRepeatedCharacters`	Int	Max consecutive repeats.
RequireChangeOnFirstLogin	`Security__Password__RequireChangeOnFirstLogin`	Bool	Force change for new users.
TempPasswordExpirationHours	`Security__Password__TempPasswordExpirationHours`	Int	Validity of temp passwords (hours).

JWT & WebAPI

Controls the [Jwt] and [[WEBAPI.Authentication.Jwt]] sections. The latter is a TOML array of tables, so the first entry uses index 0.

TOML Key	Environment Variable	Type	Description
Issuer	`Jwt__Issuer`	String	Token Issuer claim.
Audience	`Jwt__Audience`	String	Token Audience claim.
Key	`Jwt__Key`	String	256-bit Signing Key.
Issuer (API)	`WEBAPI__Authentication__Jwt__0__Issuer`	String	API specific issuer.
Audience (API)	`WEBAPI__Authentication__Jwt__0__Audience`	String	API specific audience.
IssuerSigningKey	`WEBAPI__Authentication__Jwt__0__IssuerSigningKey`	String	API specific signing key.
TokenExpireTime	`WEBAPI__Authentication__Jwt__0__TokenExpireTime`	String	Token validity duration.

Unified Namespace

Controls the [UNS] section.

TOML Key	Environment Variable	Type	Description
UNSVersion	`UNS__UNSVersion`	String	Topic version prefix for UNS paths (default: `v1`).
UNSPayloadFormat	`UNS__UNSPayloadFormat`	String	Payload format: `JSON` (default) or `SparkplugB`.
UNSGroupId	`UNS__UNSGroupId`	String	SparkplugB Group ID (used when format is SparkplugB).
UNSEdgeNodeId	`UNS__UNSEdgeNodeId`	String	SparkplugB Edge Node Identifier.
UNSRetainMessages	`UNS__UNSRetainMessages`	Bool	Set MQTT Retain flag on publish.
QoS:Telemetry	`UNS__QoS__Telemetry`	String	QoS for telemetry publish (`0`, `1`, `2`; default: `0`).
QoS:State	`UNS__QoS__State`	String	QoS for state publish (`0`, `1`, `2`; default: `1`).
QoS:Command	`UNS__QoS__Command`	String	QoS for command publish (`0`, `1`, `2`; default: `1`).

UNS Optimizations

Controls the [UNS.Optimizations] section.

TOML Key	Environment Variable	Type	Description
TelemetryThinPayload	`UNS__Optimizations__TelemetryThinPayload`	Bool	Remove "context" object from telemetry payloads.
SummaryIncludeContext	`UNS__Optimizations__SummaryIncludeContext`	Bool	Include ISA-95 context in `_summary` messages.
SummaryIntervalMs	`UNS__Optimizations__SummaryIntervalMs`	Int	Min publish interval for `_summary` (ms).
LastSeenIntervalMs	`UNS__Optimizations__LastSeenIntervalMs`	Int	Min publish interval for `_lastSeen` (ms).
StatusOnChangeOnly	`UNS__Optimizations__StatusOnChangeOnly`	Bool	Publish `_status` only when value changes.
SummaryOnlyOnChange	`UNS__Optimizations__SummaryOnlyOnChange`	Bool	Publish `_summary` only when hash changes.

Fieldbus

Controls the [Fieldbus] section.

TOML Key	Environment Variable	Type	Description
UseBatchReadForSupportedProtocols	`Fieldbus__UseBatchReadForSupportedProtocols`	Bool	Enable batch reading for supported protocols to reduce network traffic.

Browse

Controls the [Browse] section.

TOML Key	Environment Variable	Type	Description
UseEdgeRemoteBrowse	`Browse__UseEdgeRemoteBrowse`	Bool	Force hub UI to use edge request/reply browse flow.

Integrations

Controls the [MQTTBroker], [MQTTAPI], and [HttpServer] sections.

Embedded MQTT Broker

Controls the [MQTTBroker] section.

TOML Key	Environment Variable	Type	Description
Enabled	`MQTTBroker__Enabled`	Bool	Enable internal broker.
MQTTBrokerPort	`MQTTBroker__MQTTBrokerPort`	Int	Listening port.
AllowAnonymous	`MQTTBroker__AllowAnonymous`	Bool	Allow auth-less connections.
MasterToken	`MQTTBroker__MasterToken`	String	Superuser token.
BrokerHostAddress	`MQTTBroker__BrokerHostAddress`	String	Bind address.
EnableMQTTHooks	`MQTTBroker__EnableMQTTHooks`	Bool	Enable internal hooks.

External MQTT Client

Controls the [MQTTAPI] section.

TOML Key	Environment Variable	Type	Description
MQTTServer	`MQTTAPI__MQTTServer`	String	External Broker Address.
MQTTPort	`MQTTAPI__MQTTPort`	Int	External Broker Port.
MQTTUser	`MQTTAPI__MQTTUser`	String	Username.
MQTTPassword	`MQTTAPI__MQTTPassword`	String	Password.
MQTTVersion	`MQTTAPI__MQTTVersion`	String	Protocol Version (`V310` or `V500`).
MQTTConnectionTimeOut	`MQTTAPI__MQTTConnectionTimeOut`	Int	Connection timeout (seconds).
MQTTKeepAlivePeriod	`MQTTAPI__MQTTKeepAlivePeriod`	Int	Keep Alive (sec).
MQTTCleanSession	`MQTTAPI__MQTTCleanSession`	Bool	Clean Session flag.
MQTTQos	`MQTTAPI__MQTTQos`	Int	Default QoS (0, 1, 2).
MQTTRetain	`MQTTAPI__MQTTRetain`	Bool	Default Retain flag.

HTTP Server

Controls the [HttpServer] section.

TOML Key	Environment Variable	Type	Description
Enabled	`HttpServer__Enabled`	Bool	Enable HTTP Ingestion endpoint.
Port	`HttpServer__Port`	Int	Listening port.
MaxConcurrentConnections	`HttpServer__MaxConcurrentConnections`	Int	Max connections.
MaxRequestBodySize	`HttpServer__MaxRequestBodySize`	Long	Max payload size in bytes.
KeepAliveTimeout	`HttpServer__KeepAliveTimeout`	Int	Keep-alive timeout.
MaxKeepAliveRequests	`HttpServer__MaxKeepAliveRequests`	Int	Max requests per connection.
RequestHeadersTimeout	`HttpServer__RequestHeadersTimeout`	Int	Header read timeout.
EnableHttps	`HttpServer__EnableHttps`	Bool	Enable TLS.
SslCertificateThumbprint	`HttpServer__SslCertificateThumbprint`	String	Optional reference to a certificate stored in the Certificate Store. Leave empty to use the default platform certificate.
RateLimitPermitLimit	`HttpServer__RateLimitPermitLimit`	Int	Requests per window.
RateLimitWindowSeconds	`HttpServer__RateLimitWindowSeconds`	Int	Rate limit window size.
EnableCompression	`HttpServer__EnableCompression`	Bool	Enable GZIP/Brotli.

Actors

TOML Key	Environment Variable	Type	Description
DeveloperLogging	`ProtoActor__DeveloperLogging`	Bool	Verbose actor logging.
SubscribersStorageType	`ProtoActor__PubSub__SubscribersStorageType`	String	PubSub backend (`Redis`, `InMemory`).
RedisConnectionString	`ProtoActor__PubSub__RedisConnectionString`	String	Redis connection string.
RedisMaxConcurrency	`ProtoActor__PubSub__RedisMaxConcurrency`	Int	Redis concurrency limit.

User Functions

Controls the [UserFunctions] section.

TOML Key	Environment Variable	Type	Description
ExceptionThresholdPerFunction	`UserFunctions__ExceptionThresholdPerFunction`	Int	Max crashes before undeploy (Default: 10).
UseAutoDisposeInjector	`UserFunctions__UseAutoDisposeInjector`	Bool	Auto-inject Dispose calls.
UseAutoTryCatchInjector	`UserFunctions__UseAutoTryCatchInjector`	Bool	Auto-inject Try/Catch blocks.
LogProxusCompilerGeneratedCode	`UserFunctions__LogProxusCompilerGeneratedCode`	Bool	Debug generated C# code.
LogLevelPolicy	`UserFunctions__LogLevelPolicy__0`, `…__1`, …	Array	Log rate limits (e.g., `Error:20 1m`). Each policy entry uses its index.

Observability & Maintenance

Logging & Tracing

Controls the [Logging], [Tracing], [Metrics], and [Otlp] sections.

TOML Key	Environment Variable	Type	Description
Loglevel	`Logging__Loglevel`	Int	0=Trace, 1=Debug, 2=Info, ...
LogRetentionTime	`Logging__LogRetentionTime`	Int	Retention days for database logs.
LogToFile	`Logging__LogToFile`	Bool	Write logs to disk.
LogSqlQueries	`Logging__LogSqlQueries`	Bool	Log generated SQL (Verbose!).
Enable (Tracing)	`Tracing__Enable`	Bool	Enable OpenTelemetry Tracing.
Enable (Metrics)	`Metrics__Enable`	Bool	Enable OpenTelemetry Metrics.
Endpoint (OTLP)	`Otlp__Endpoint`	String	OTLP Collector URL.
MetricsIntervalMilliseconds	`Otlp__MetricsIntervalMilliseconds`	Int	Export interval.

Data Settings

Controls the [Data] section.

TOML Key	Environment Variable	Type	Description
MaxDeviceDataLoad	`Data__MaxDeviceDataLoad`	Int	Max records to fetch for UI charts.
DeviceDataTimeRange	`Data__DeviceDataTimeRange`	String	Default UI time range.
LogsTimeRange	`Data__LogsTimeRange`	String	Default Logs time range (e.g. "1d").
DeviceMetricsTransmissionInterval	`Data__DeviceMetricsTransmissionInterval`	Int	Health metrics push interval.

Miscellaneous

Edge Gateway

Controls the [EdgeGateway] section.

TOML Key	Environment Variable	Type	Description
EdgeMode	`EdgeGateway__EdgeMode`	String	`Proxus` (Core) or `Standalone` (Agent).
Integration	`EdgeGateway__Integration`	String	Integration mode.
GatewayName	`EdgeGateway__GatewayName`	String	Logical name of the gateway.
GatewayID	`EdgeGateway__GatewayID`	String	Numeric ID (Core is always 1).
EdgeMetricsTransmissionInterval	`EdgeGateway__EdgeMetricsTransmissionInterval`	Int	Edge health push interval.

[UI]

Controls the [UI] section.

TOML Key	Environment Variable	Type	Description
ForceSkiaRendering	`UI__ForceSkiaRendering`	Bool	Force Skia rendering for charts.
EnableDashboardExportRestrictedMode	`UI__EnableDashboardExportRestrictedMode`	Bool	Restrict export formats.
EnableDashboardCustomPalette	`UI__EnableDashboardCustomPalette__0`, `…__1`, …	Array	Custom HEX color palette for dashboard charts (e.g., `UI__EnableDashboardCustomPalette__0=#3dbb8b`).

[DevExpress.ExpressApp]

Controls the [DevExpress.ExpressApp] section.

TOML Key	Environment Variable	Type	Description
Languages	`DevExpress__ExpressApp__Languages`	String	Supported UI languages.
ShowLanguageSwitcher	`DevExpress__ExpressApp__ShowLanguageSwitcher`	Bool	Show or hide the language menu.

[DevExpress.ExpressApp.ThemeSwitcher]

Controls the [DevExpress.ExpressApp.ThemeSwitcher] section.

TOML Key	Environment Variable	Type	Description
DefaultItemName	`DevExpress__ExpressApp__ThemeSwitcher__DefaultItemName`	String	Default theme.
ShowSizeModeSwitcher	`DevExpress__ExpressApp__ThemeSwitcher__ShowSizeModeSwitcher`	Bool	Show the compact/touch toggle.

Model Context Protocol

Controls the [MCP] section. AI Agent interface and security permissions.

TOML Key	Environment Variable	Type	Description
Enabled	`MCP__Enabled`	Bool	Enable MCP server functionality.
AllowedMethods	`MCP__AllowedMethods`	String	Allowed HTTP verbs (e.g. "GET,POST").
BlockDelete	`MCP__BlockDelete`	Bool	Block all DELETE operations regardless of user permissions.
BlockBulkOperations	`MCP__BlockBulkOperations`	Bool	Prevent modification of multiple entities in one request.
AdminOnly	`MCP__AdminOnly`	Bool	Restrict access to Administrators group only.
RateLimitEnabled	`MCP__RateLimitEnabled`	Bool	Enable request rate limiting.
RateLimitRequestsPerMinute	`MCP__RateLimitRequestsPerMinute`	Int	Max requests per user/minute.
AuditLogging	`MCP__AuditLogging`	Bool	Log all operations to audit trail.
IPWhitelist	`MCP__IPWhitelist__0`, `…__1`, …	Array	Allowed IP addresses/CIDR blocks. Empty = Allow All.
MaxConcurrentSessionsPerUser	`MCP__MaxConcurrentSessionsPerUser`	Int	Max active sessions (0 = Unlimited).
AlertOnSuspiciousActivity	`MCP__AlertOnSuspiciousActivity`	Bool	Trigger alerts on anomaly detection.
DebugLogging	`MCP__DebugLogging`	Bool	Verbose console logging for diagnostics.

Top-Level Configuration

Controls top-level TOML sections that hold a single key.

TOML Key	Environment Variable	Type	Description
`[Development]` AllowedHosts	`Development__AllowedHosts`	String	Comma-separated list of allowed host headers.
`[Culture]` Name	`Culture__Name`	String	Force .NET Culture (e.g. `tr-TR`).
`[Kestrel.EndpointDefaults]` Protocols	`Kestrel__EndpointDefaults__Protocols`	String	HTTP Protocol versions (e.g. `Http1AndHttp2`, `Http2`).

Host Environment

These are real OS environment variables consumed by the .NET runtime, not Proxus configuration entries. They are listed here for completeness.

Variable Name	Description
DYLD_FALLBACK_LIBRARY_PATH	System library path override (Crucial for macOS/Linux native interop).
ASPNETCORE_ENVIRONMENT	ASP.NET Core hosting environment (e.g. `Production`, `Development`).

Core Capabilities

Intelligence

Operations

Industries

Use Cases