github.com/argoproj/argo-cd/v3@v3.2.1/docs/operator-manual/server-commands/argocd-server.md

github.com/argoproj/argo-cd/v3@v3.2.1/docs/operator-manual/server-commands/argocd-server.md (about)

1 # `argocd-server` Command Reference
2
3 ## argocd-server
4
5 Run the ArgoCD API server
6
7 ### Synopsis
8
9 The API server is a gRPC/REST server which exposes the API consumed by the Web UI, CLI, and CI/CD systems. This command runs API server in the foreground. It can be configured by following options.
10
11 ```
12 argocd-server [flags]
13 ```
14
15 ### Examples
16
17 ```
18 # Start the Argo CD API server with default settings
19 $ argocd-server
20
21 # Start the Argo CD API server on a custom port and enable tracing
22 $ argocd-server --port 8888 --otlp-address localhost:4317
23 ```
24
25 ### Options
26
27 ```
28 --address string Listen on given address (default "0.0.0.0")
29 --api-content-types string Semicolon separated list of allowed content types for non GET api requests. Any content type is allowed if empty. (default "application/json")
30 --app-state-cache-expiration duration Cache expiration for app state (default 1h0m0s)
31 --application-namespaces strings List of additional namespaces where application resources can be managed in
32 --appset-allowed-scm-providers strings The list of allowed custom SCM provider API URLs. This restriction does not apply to SCM or PR generators which do not accept a custom API URL. (Default: Empty = all)
33 --appset-enable-github-api-metrics Enable GitHub API metrics for generators that use the GitHub API
34 --appset-enable-new-git-file-globbing Enable new globbing in Git files generator.
35 --appset-enable-scm-providers Enable retrieving information from SCM providers, used by the SCM and PR generators (Default: true) (default true)
36 --appset-scm-root-ca-path string Provide Root CA Path for self-signed TLS Certificates
37 --as string Username to impersonate for the operation
38 --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups.
39 --as-uid string UID to impersonate for the operation
40 --basehref string Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / (default "/")
41 --certificate-authority string Path to a cert file for the certificate authority
42 --client-certificate string Path to a client certificate file for TLS
43 --client-key string Path to a client key file for TLS
44 --cluster string The name of the kubeconfig cluster to use
45 --connection-status-cache-expiration duration Cache expiration for cluster/repo connection status (default 1h0m0s)
46 --content-security-policy value Set Content-Security-Policy header in HTTP responses to value. To disable, set to "". (default "frame-ancestors 'self';")
47 --context string The name of the kubeconfig context to use
48 --default-cache-expiration duration Cache expiration default (default 24h0m0s)
49 --dex-server string Dex server address (default "argocd-dex-server:5556")
50 --dex-server-plaintext Use a plaintext client (non-TLS) to connect to dex server
51 --dex-server-strict-tls Perform strict validation of TLS certificates when connecting to dex server
52 --disable-auth Disable client authentication
53 --disable-compression If true, opt-out of response compression for all requests to the server
54 --enable-gzip Enable GZIP compression (default true)
55 --enable-k8s-event none Enable ArgoCD to use k8s event. For disabling all events, set the value as none. (e.g --enable-k8s-event=none), For enabling specific events, set the value as `event reason`. (e.g --enable-k8s-event=StatusRefreshed,ResourceCreated) (default [all])
56 --enable-proxy-extension Enable Proxy Extension feature
57 --gloglevel int Set the glog logging level
58 -h, --help help for argocd-server
59 --hydrator-enabled Feature flag to enable Hydrator. Default ("false")
60 --insecure Run server without TLS
61 --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
62 --kubeconfig string Path to a kube config. Only required if out-of-cluster
63 --logformat string Set the logging format. One of: json|text (default "json")
64 --login-attempts-expiration duration Cache expiration for failed login attempts. DEPRECATED: this flag is unused and will be removed in a future version. (default 24h0m0s)
65 --loglevel string Set the logging level. One of: debug|info|warn|error (default "info")
66 --metrics-address string Listen for metrics on given address (default "0.0.0.0")
67 --metrics-port int Start metrics on given port (default 8083)
68 -n, --namespace string If present, the namespace scope for this CLI request
69 --oidc-cache-expiration duration Cache expiration for OIDC state (default 3m0s)
70 --otlp-address string OpenTelemetry collector address to send traces to
71 --otlp-attrs strings List of OpenTelemetry collector extra attrs when send traces, each attribute is separated by a colon(e.g. key:value)
72 --otlp-headers stringToString List of OpenTelemetry collector extra headers sent with traces, headers are comma-separated key-value pairs(e.g. key1=value1,key2=value2) (default [])
73 --otlp-insecure OpenTelemetry collector insecure mode (default true)
74 --password string Password for basic authentication to the API server
75 --port int Listen on given port (default 8080)
76 --proxy-url string If provided, this URL will be used to connect via proxy
77 --redis string Redis server hostname and port (e.g. argocd-redis:6379).
78 --redis-ca-certificate string Path to Redis server CA certificate (e.g. /etc/certs/redis/ca.crt). If not specified, system trusted CAs will be used for server certificate validation.
79 --redis-client-certificate string Path to Redis client certificate (e.g. /etc/certs/redis/client.crt).
80 --redis-client-key string Path to Redis client key (e.g. /etc/certs/redis/client.crt).
81 --redis-compress string Enable compression for data sent to Redis with the required compression algorithm. (possible values: gzip, none) (default "gzip")
82 --redis-insecure-skip-tls-verify Skip Redis server certificate validation.
83 --redis-use-tls Use TLS when connecting to Redis.
84 --redisdb int Redis database.
85 --repo-cache-expiration duration Cache expiration for repo state, incl. app lists, app details, manifest generation, revision meta-data (default 24h0m0s)
86 --repo-server string Repo server address (default "argocd-repo-server:8081")
87 --repo-server-default-cache-expiration duration Cache expiration default (default 24h0m0s)
88 --repo-server-plaintext Use a plaintext client (non-TLS) to connect to repository server
89 --repo-server-redis string Redis server hostname and port (e.g. argocd-redis:6379).
90 --repo-server-redis-ca-certificate string Path to Redis server CA certificate (e.g. /etc/certs/redis/ca.crt). If not specified, system trusted CAs will be used for server certificate validation.
91 --repo-server-redis-client-certificate string Path to Redis client certificate (e.g. /etc/certs/redis/client.crt).
92 --repo-server-redis-client-key string Path to Redis client key (e.g. /etc/certs/redis/client.crt).
93 --repo-server-redis-compress string Enable compression for data sent to Redis with the required compression algorithm. (possible values: gzip, none) (default "gzip")
94 --repo-server-redis-insecure-skip-tls-verify Skip Redis server certificate validation.
95 --repo-server-redis-use-tls Use TLS when connecting to Redis.
96 --repo-server-redisdb int Redis database.
97 --repo-server-sentinel stringArray Redis sentinel hostname and port (e.g. argocd-redis-ha-announce-0:6379).
98 --repo-server-sentinelmaster string Redis sentinel master group name. (default "master")
99 --repo-server-strict-tls Perform strict validation of TLS certificates when connecting to repo server
100 --repo-server-timeout-seconds int Repo server RPC call timeout seconds. (default 60)
101 --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
102 --revision-cache-expiration duration Cache expiration for cached revision (default 3m0s)
103 --revision-cache-lock-timeout duration Cache TTL for locks to prevent duplicate requests on revisions, set to 0 to disable (default 10s)
104 --rootpath string Used if Argo CD is running behind reverse proxy under subpath different from /
105 --sentinel stringArray Redis sentinel hostname and port (e.g. argocd-redis-ha-announce-0:6379).
106 --sentinelmaster string Redis sentinel master group name. (default "master")
107 --server string The address and port of the Kubernetes API server
108 --staticassets string Directory path that contains additional static assets (default "/shared/app")
109 --sync-with-replace-allowed Whether to allow users to select replace for syncs from UI/CLI (default true)
110 --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used.
111 --tlsciphers string The list of acceptable ciphers to be used when establishing TLS connections. Use 'list' to list available ciphers. (default "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384")
112 --tlsmaxversion string The maximum SSL/TLS version that is acceptable (one of: 1.0|1.1|1.2|1.3) (default "1.3")
113 --tlsminversion string The minimum SSL/TLS version that is acceptable (one of: 1.0|1.1|1.2|1.3) (default "1.2")
114 --token string Bearer token for authentication to the API server
115 --user string The name of the kubeconfig user to use
116 --username string Username for basic authentication to the API server
117 --webhook-parallelism-limit int Number of webhook requests processed concurrently (default 50)
118 --x-frame-options value Set X-Frame-Options header in HTTP responses to value. To disable, set to "". (default "sameorigin")
119 ```
120
121 ### SEE ALSO
122
123 * [argocd-server version](argocd-server_version.md) - Print version information
124