ivy.webserver.yaml (a part of ivy.yaml)

[engineDir]/configuration/reference/ivy.webserver.yaml

  1# yaml-language-server: $schema=https://json-schema.axonivy.com/ivy/0.0.10/ivy.json
  2#
  3# -------------------------------------------
  4# Axon Ivy Web Server Configuration
  5# -------------------------------------------
  6#
  7# This file shows all configurations of the internal Web Server of the Axon Ivy Engine.
  8# https://developer.axonivy.com/doc/11.2/engine-guide/configuration/
  9# 
 10# Copy contents of this reference file to 'configuration/ivy.yaml' before adjusting them to your needs.
 11# https://developer.axonivy.com/doc/11.2/engine-guide/configuration/files/ivy-yaml.html
 12#
 13# By default this configuration enables all available features 
 14# of the Axon Ivy Engine so that all capabilities that might are used
 15# by a workflow project are accessible.
 16#
 17# 
 18# OVERRIDING:
 19# Any configuration value of this file can be set in alternative sources. 
 20# * environment variables: of the operating system can set app config entries. 
 21#    Their key must be prefixed with 'IVY_'. 
 22#    E.g. use 'IVY_CONNECTOR_HTTP_PORT' to override the port of the http connector.
 23#    https://developer.axonivy.com/doc/11.2/engine-guide/configuration/advanced-configuration.html#overriding-configuration
 24# 
 25
 26
 27# == REST Service Settings ==
 28#
 29# Configures the RESTful services provided.
 30# [restart required]
 31REST.Servlet:
 32  # Controls the REST servlet interface. If disabled no REST resources will be accessible. 
 33  # Calls to remote REST services are still possible.
 34  Enabled: true
 35  # Provides the general CSRF protection via 'X-Requested-By' header for REST services.
 36  CSRF.Protection: true
 37  # Controls whether the REST resources provided by the Axon Ivy Engine should be available or not
 38  API: true
 39  # Controls whether the REST resource for remote deployment under '/system/api/apps/{application}' 
 40  # is available or not
 41  Deployment: true
 42  # Allows the service developer to get diagnostic information about request processing by Jersey. 
 43  # Those diagnostic/tracing information are returned in response headers (X-Jersey-Tracing-nnn). 
 44  # On productive environments this feature should not be turned on.
 45  # [enum: OFF, ON_DEMAND, ALL]
 46  Tracing: "OFF"
 47
 48
 49
 50# == Miscellaneous Settings ==
 51#
 52# Session identifier will be renewed on login to prevent the 'Session Fixation' attack.
 53Session.RenewIdOnLogin: true
 54
 55# Name of the Ivy servlet context. Use a simple name without any special characters (e.g. ivy).
 56# [restart required]
 57WebServer.IvyContextName: ""
 58
 59# Disable it if you don't use the Mobile Offline Dialog feature.
 60# [restart required]
 61OfflineDialog.Enabled: true
 62
 63
 64
 65# == Web Server Connector Settings ==
 66Connector:
 67  # https://tomcat.apache.org/tomcat-9.0-doc/config/http.html
 68  # [restart required]
 69  HTTP:
 70    Enabled: true
 71    Port: 8080
 72    AcceptCount: 100
 73    Address: ""
 74    AllowTrace: false
 75    CompressibleMimeType: "text/html,text/xml,text/plain,text/css,text/javascript,application/javascript,application/json,application/xml"
 76    Compression: "off"
 77    ConnectionLinger: -1
 78    ConnectionTimeout: 60000
 79    DisableUploadTimeout: true
 80    EnableLookups: false
 81    MaxHttpHeaderSize: 8192
 82    MaxKeepAliveRequests: 100
 83    MaxPostSize: 2097152
 84    MaxSavePostSize: 4096
 85    MaxThreads: 200
 86    MinSpareThreads: 10
 87    NoCompressionUserAgents: ""
 88    ProxyName: ""
 89    ProxyPort:
 90    RedirectPort: 8443
 91    RestrictedUserAgents: ""
 92    Server: ""
 93    TcpNoDelay: true
 94    ThreadPriority: 5
 95    URIEncoding: UTF-8
 96    UseBodyEncodingForURI: false
 97    UseIPVHosts: false
 98    XpoweredBy: false
 99  # https://tomcat.apache.org/tomcat-9.0-doc/config/http.html
100  # [restart required]
101  HTTPS:
102    Enabled: false
103    Port: 8443
104    AcceptCount: 100
105    Address: ""
106    AllowTrace: false
107    ClientAuth: NONE
108    CompressibleMimeType: "text/html,text/xml,text/plain,text/css,text/javascript,application/javascript,application/json,application/xml"
109    Compression: "off"
110    ConnectionLinger: -1
111    ConnectionTimeout: 60000
112    DisableUploadTimeout: true
113    EnableLookups: false
114    KeyAlias: ""
115    # [password]
116    KeyPass: ""
117    KeystoreFile: configuration/keystore.p12
118    # [password]
119    KeystorePass: changeit
120    KeystoreType: "pkcs12"
121    MaxHttpHeaderSize: 8192
122    MaxKeepAliveRequests: 100
123    MaxPostSize: 2097152
124    MaxSavePostSize: 4096
125    MaxThreads: 200
126    MinSpareThreads: 10
127    NoCompressionUserAgents: ""
128    ProxyName: ""
129    ProxyPort:
130    RedirectPort: 8443
131    RestrictedUserAgents: ""
132    Server: ""
133    SslProtocol: TLS
134    SslHostConfig:
135      # The names of the protocols to support when communicating with clients.
136      # Multiple protocols can be enabled by separating them with a comma.
137      # [restart required]
138      # [examples: SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3, all]
139      Protocols: all
140    TcpNoDelay: true
141    ThreadPriority: 5
142    TruststoreFile: ""
143    # [password]
144    TruststorePass: ""
145    TruststoreType: "JKS"
146    URIEncoding: UTF-8
147    UseBodyEncodingForURI: false
148    UseIPVHosts: false
149    XpoweredBy: false