docs-v2/content/v2.0/reference/config-options.md

title	description	menu
InfluxDB configuration options	Configure InfluxDB when starting the `influxd` service. This article outlines the different configuration options available.	v2_0_ref name weight Configuration options 3

To configure InfluxDB, use the following configuration options when starting the influxd service:

• --assets-path
• --bolt-path
• --e2e-testing
• --engine-path
• --http-bind-address
• --log-level
• --reporting-disabled
• --secret-store
• --session-length
• --session-renew-disabled
• --store
• --tracing-type
• --vault-addr
• --vault-cacert
• --vault-capath
• --vault-client-cert
• --vault-client-key
• --vault-max-retries
• --vault-client-timeout
• --vault-skip-verify
• --vault-tls-server-name
• --vault-token

---

--assets-path

Typically, InfluxData internal use only. Overrides the default InfluxDB user interface (UI) assets by serving assets from the specified directory.

influxd --assets-path=/path/to/custom/assets-dir

---

--bolt-path

Defines the path to the BoltDB database. BoltDB is a key value store written in Go. InfluxDB uses BoltDB to store data including organization and user information, UI data, REST resources, and other key value data.

Default: ~/.influxdbv2/influxd.bolt

influxd --bolt-path=~/.influxdbv2/influxd.bolt

---

--e2e-testing

Adds a /debug/flush endpoint to the InfluxDB HTTP API to clear stores. InfluxData uses this endpoint in end-to-end testing.

influxd --e2e-testing

---

--engine-path

Defines the path to persistent storage engine files where InfluxDB stores all Time-Structure Merge Tree (TSM) data on disk.

Default: ~/.influxdbv2/engine

influxd --engine-path=~/.influxdbv2/engine

---

--http-bind-address

Defines the bind address for the InfluxDB HTTP API. Customize the URL and port for the InfluxDB API and UI.

Default: :9999

influxd --http-bind-address=:9999

---

--log-level

Defines the log output level. InfluxDB outputs log entries with severity levels greater than or equal to the level specified.

Options: debug, info, error
Default: info

influxd --log-level=info

---

--reporting-disabled

Disables sending telemetry data to InfluxData. The InfluxData telemetry page provides information about what data is collected and how InfluxData uses it.

influxd --reporting-disabled

---

--secret-store

Specifies the data store for secrets such as passwords and tokens. Store secrets in either the InfluxDB internal BoltDB or in Vault.

Options: bolt, vault
Default: bolt

influxd --secret-store=bolt

---

--session-length

Specifies the Time to Live (TTL) in minutes for newly created user sessions.

Default: 60

influxd --session-length=60

---

--session-renew-disabled

Disables automatically extending a user's session TTL on each request. By default, every request sets the session's expiration time to five minutes from now. When disabled, sessions expire after the specified session length and the user is redirected to the login page, even if recently active.

influxd --session-renew-disabled

---

--store

Specifies the data store for REST resources.

Options: bolt, memory
Default: bolt

{{% note %}} memory is meant for transient environments, such as testing environments, where data persistence does not matter. InfluxData does not recommend using memory in production. {{% /note %}}

influxd --store=bolt

---

--tracing-type

Enables tracing in InfluxDB and specifies the tracing type. Tracing is disabled by default.

Options: log, jaeger

influxd --tracing-type=log

---

--vault-addr

Specifies the address of the Vault server expressed as a URL and port. For example: https://127.0.0.1:8200/.

influxd --vault-addr=https://127.0.0.1:8200/

You can also set this using the VAULT_ADDR environment variable, however influxd flags take precedence over environment variables.

---

--vault-cacert

Specifies the path to a PEM-encoded CA certificate file on the local disk. This file is used to verify the Vault server's SSL certificate. This setting takes precedence over the --vault-capath setting.

influxd  --vault-cacert=/path/to/ca.pem

You can also set this using the VAULT_CACERT environment variable, however influxd flags take precedence over environment variables.

---

--vault-capath

Specifies the path to a directory of PEM-encoded CA certificate files on the local disk. These certificates are used to verify the Vault server's SSL certificate.

influxd --vault-capath=/path/to/certs/

You can also set this using the VAULT_CAPATH environment variable, however influxd flags take precedence over environment variables.

---

--vault-client-cert

Specifies the path to a PEM-encoded client certificate on the local disk. This file is used for TLS communication with the Vault server.

influxd --vault-client-cert=/path/to/client_cert.pem

You can also set this using the VAULT_CLIENT_CERT environment variable, however influxd flags take precedence over environment variables.

---

--vault-client-key

Specifies the path to an unencrypted, PEM-encoded private key on disk which corresponds to the matching client certificate.

influxd --vault-client-key=/path/to/private_key.pem

You can also set this using the VAULT_CLIENT_KEY environment variable, however influxd flags take precedence over environment variables.

---

--vault-max-retries

Specifies the maximum number of retries when encountering a 5xx error code. The default is 2 (for three attempts in total). Set this to 0 or less to disable retrying.

Default: 2

influxd --vault-max-retries=2

You can also set this using the VAULT_MAX_RETRIES environment variable, however influxd flags take precedence over environment variables.

---

--vault-client-timeout

Specifies the Vault client timeout.

Default: 60s

influxd --vault-client-timeout=60s

You can also set this using the VAULT_CLIENT_TIMEOUT environment variable, however influxd flags take precedence over environment variables.

---

--vault-skip-verify

Skip certificate verification when communicating with Vault. Setting this variable voids Vault's security model and is not recommended.

influxd --vault-skip-verify

You can also set this using the VAULT_SKIP_VERIFY environment variable, however influxd flags take precedence over environment variables.

---

--vault-tls-server-name

Specifies the name to use as the Server Name Indication (SNI) host when connecting via TLS.

influxd --vault-tls-server-name=secure.example.com

You can also set this using the VAULT_TLS_SERVER_NAME environment variable, however influxd flags take precedence over environment variables.

---

--vault-token

Specifies the Vault authentication token use when authenticating with Vault.

influxd --vault-token=exAmple-t0ken-958a-f490-c7fd0eda5e9e

You can also set this using the VAULT_TOKEN environment variable, however influxd flags take precedence over environment variables.