stork-server - Main Stork server




stork-server provides the main Stork server capabilities. In every Stork deployment, there should be exactly one Stork server.


stork-server takes the following arguments:

-h or --help

the list of available parameters.

-v or --version

the stork-server version.

-m or --metrics

enable the periodic metrics collector and /metrics HTTP endpoint for Prometheus. This endpoint requires no authentication and it is recommended to restrict external access to it (e.g. using the HTTP proxy). (default: disabled)

-u or --db-user

the user name to be used for database connections. (default: stork) [$STORK_DATABASE_USER_NAME]


the name of the host where the database is available. (default: localhost) [$STORK_DATABASE_HOST]

-p or --db-port

the port on which the database is available. (default: 5432) [$STORK_DATABASE_PORT]

-d or --db-name=

the name of the database to connect to. (default: stork) [$STORK_DATABASE_NAME]


the SSL mode for connecting to the database (i.e., disable, require, verify-ca or verify-full). (default: disable) [$STORK_DATABASE_SSLMODE]


the location of the SSL certificate used by the server to connect to the database. [$STORK_DATABASE_SSLCERT]


the location of the SSL key used by the server to connect to the database. [$STORK_DATABASE_SSLKEY]


the location of the root certificate file used to verify the database server’s certificate. [$STORK_DATABASE_SSLROOTCERT]


enable tracing SQL queries: “run” - only run-time, without migrations), “all” - migrations and run-time. [$STORK_DATABASE_TRACE]


the period to wait before killing idle connections. (default: 10s)


the period to wait before shutting down the server. (default: 15s)


the maximum number of bytes the server reads parsing the request header’s keys and values, including the request line. It does not limit the size of the request body. (default: 1MiB)


the IP to listen on for connections over the REST API. [$STORK_REST_HOST]


the port to listen on for connections over the REST API. (default: 8080) [$STORK_REST_PORT]


the maximum number of outstanding requests.


the TCP keep-alive timeout on accepted connections. It prunes dead TCP connections ( e.g. closing laptop mid-download). (default: 3m)


the maximum duration before timing out a read of the request. (default: 30s)


the maximum duration before timing out a write of the response. (default: 60s)


the certificate to use for secure connections. [$STORK_REST_TLS_CERTIFICATE]


the private key to use for secure connections. [$STORK_REST_TLS_PRIVATE_KEY]


the certificate authority file to be used with a mutual TLS authority. [$STORK_REST_TLS_CA_CERTIFICATE]


the directory with static files for the UI. [$STORK_REST_STATIC_FILES_DIR]

The --db-sslmode argument can have one of the following values:


disable encryption between the Stork server and the PostgreSQL database.


use secure communication but do not verify the server’s identity unless the root certificate location is specified and that certificate exists If the root certificate exists, the behavior is the same as in case of verify-ca mode.


use secure communication and verify the server’s identity by checking it against the root certificate stored on the Stork server machine.


use secure communication, verify the server’s identity against the root certificate. In addition, check that the server hostname matches the name stored in the certificate.

Note that there is no argument for database password, as the command-line arguments can sometimes be seen by other users. It can be passed using the STORK_DATABASE_PASSWORD variable.

Mailing Lists and Support

There are public mailing lists available for the Stork project. stork-users (stork-users at is intended for Stork users. stork-dev (stork-dev at is intended for Stork developers, prospective contributors, and other advanced users. The lists are available at The community provides best-effort support on both of those lists.

Once stork becomes more mature, ISC will provide professional support for Stork services.


stork-server was first coded in November 2019 by Michal Nowikowski and Marcin Siodelski.

See Also