ivy.yamlΒΆ
[engineDir]/configuration/reference/ivy.yaml
1#
2# -------------------------------------------
3# Axon Ivy Engine Configuration
4# -------------------------------------------
5#
6# This file shows configurations of the Axon Ivy Engine and its external systems.
7# https://developer.axonivy.com/doc/9.2/engine-guide/configuration/
8#
9# Copy contents of this reference file to 'configuration/ivy.yaml' before adjusting
10# them to your needs.
11# https://developer.axonivy.com/doc/9.2/engine-guide/configuration/files/ivy-yaml.html
12#
13# By default the engine is pre-configured to run in demo mode.
14# To run an engine in a productive environment at least the system database
15# must be configured.
16#
17# SECRETS / PASSWORDS:
18# Any configuration value can be encrypted just by enclosing it with "${encrypt:}".
19# * to encrypt the string myPassword write "${encrypt:myPassword}"
20# https://developer.axonivy.com/doc/9.2/engine-guide/configuration/advanced-configuration.html#passwords
21#
22# OVERRIDING:
23# Any configuration value provided here can be set in alternative sources.
24# * environment variables: of the operating system can set app config entries.
25# Their key must be prefixed with 'IVY_'.
26# E.g. use 'IVY_SYSTEMDB_URL' to override the jdbc driver url.
27# https://developer.axonivy.com/doc/9.2/engine-guide/configuration/advanced-configuration.html#overriding-configuration
28#
29
30
31
32# == System Database Settings ==
33#
34# Axon Ivy requires a System Database to store the state of running workflow applications.
35#
36# Unless you run the engine in Demo mode, a valid System DB driver, url and the user+password credentials
37# that are able to connect to the database are mandatory.
38#
39# [restart required]
40SystemDb:
41 # JDBC URL
42 Url: ""
43
44 # Name of the user to connect to system database. E.g. root, sa, admin, ivy, AxonIvy
45 # e.g. root
46 UserName: ""
47
48 # Password of the user to connect to the system database.
49 # e.g. "${encrypt:1234}"
50 # [password]
51 Password: ""
52
53 # If set to true the system database is automatically converted to the latest version during startup of the Axon Ivy Engine if needed.
54 Autoconvert: false
55
56 # Defines how long ivy should wait (in seconds) at startup for the availability of the db server
57 BootTimeout: 60
58
59 # JDBC Driver. If not set, it is auto determined based on the JDBC URL.
60 Driver: ""
61
62 # Additional driver specific connection properties.
63 DriverProperties:
64 #driverProperty: propertyValue
65
66 # Maximum number of connections to the system database.
67 MaxConnections: 50
68
69
70
71# == Adminstrators ==
72#
73# Administrators can configure, monitor and manage the Axon Ivy Engine.
74#
75# Email is used to send info mails like license expiration
76# FullName is used to display a nice name for this user.
77#
78# You should hash the password with "${hash:mySecret}".
79# The real password cannot be recovered from the hash.
80#
81# Default administrator in demo mode is 'admin' with password 'admin'
82#Administrators:
83
84 # Example admin user with username james and password mySecret
85 #
86 #james:
87 #Password: "${hash:mySecret}"
88 #Email: info@localhost
89 #FullName: James David
90
91
92
93# == Base Url ==
94#
95# Web address of the Axon Ivy Engine installation, such as https://yourdomain/.
96# This value is used to let ivy know how to refer to itself, ie. to create links in emails.
97# This is necessary because ivy cannot reliably detect such a URL from within itself.
98BaseUrl: ""
99
100
101
102# == Single Sign-on ==
103#
104# Single Sign-on allows to auto login users. Therefore a reverse proxy
105# in front of the Axon Ivy Engine must be installed which is responsible to authenticate
106# the user. The name of the user must then be transmitted as HTTP header.
107# Attention: Ensure exclusive access to the Axon Ivy Engine otherwise
108# attackers can easily login as another user.
109# https://developer.axonivy.com/doc/9.2/engine-guide/integration/single-sign-on
110# [restart required]
111SSO:
112 # Whether SSO is enabled or not
113 Enabled: false
114
115 # name of the HTTP header with the username which must be set by the reverse proxy
116 UserHeader: X-Forwarded-User
117
118
119
120# == Deployment Setting ==
121#
122Deployment:
123
124 # Directory where the server watches for files to deploy.
125 # https://developer.axonivy.com/doc/9.2/engine-guide/deployment
126 #
127 # You may want to use a UNC path to specify a remote network location.
128 Directory: deploy
129
130
131
132# == Data Settings ==
133#
134Data:
135
136 # Folder where applications are stored, unless otherwise defined in the deployment.
137 # If you change this path, proceed as follows...
138 # 1. Stop the engine
139 # 2. Change this path and move the existing applications to this new directory
140 # 3. Start the engine
141 # Absolute paths and relative paths are supported
142 # In demo mode not configurable and set to: [Data.WorkDirectory]/demo-applications
143 # [restart required] for existing apps
144 AppDirectory: applications
145
146 # Root folder where application files are stored.
147 # A change in this setting will NOT automatically move existing application files to the new location.
148 # A change will require to manually move existing files to the new directory.
149 # Absolute and relative (to the engine root directory) paths are supported.
150 # If not set the files will be stored underneath each application's file directory.
151 # [restart required] for existing apps
152 FilesDirectory: ""
153
154 # Directory where the server writes temporary working files to.
155 # [restart required]
156 WorkDirectory: work
157
158
159# == Data Cache Settings ==
160#
161DataCache:
162
163 # Invalidate data cache groups and entries. Checks if the lifetime of caches has ended and invalidates them.
164 # You can set the delay in milliseconds between each check. This delay has to be greater than 0.
165 InvalidationInterval: 60000
166
167
168# == Elasticsearch Settings ==
169#
170# Axon Ivy uses an Elasticsearch instance to provide a fast query interface against BusinessData.
171# The bundled instance is started on demand, in a separate JVM, when an API request needs it.
172#
173# You can operate Axon Ivy with the bundled Elasticsearch server or with your own external Elasticsearch cluster.
174#
175# [restart required] except for UserName and Password of ExternalServer
176Elasticsearch:
177
178 # The bundled Elasticsearch server...
179 # - is started in a separate JVM when a feature requires BusinessData access.
180 # - reachable only on 'localhost' but the access is unprotected.
181 # - JVM arguments used to start the bundled Elasticsearch server can be
182 # configured in the 'elasticsearch/config/jvm.options' file.
183 BundledServer:
184
185 # Path to the directory where the bundled Elasticsearch server stores data.
186 # It is recommended to configure a data directory that is located outsite of the Engine
187 # installation directory to ease the Engine migration to newer versions.
188 DataPath: elasticsearch/data
189
190 # Name of the cluster of the bundled Elasticsearch server.
191 ClusterName: ivy-elasticsearch-{uid}
192
193 # Whether the bundled Elasticsearch server should be started lazy or not.
194 # If set to true the bundled Elasticsearch server will be started on first usage
195 # otherwise the Elasticsearch server will be started on engine startup.
196 LazyStart: false
197
198
199 # Configure the URL of your own Elasticsearch server if you want to use it instead of the bundled server.
200 #
201 # To install your own Elasticsearch server follow these steps
202 # https://www.elastic.co/guide/en/elasticsearch/reference/current/setup.html
203 #
204 # Currently Axon Ivy supports Elasticsearch server versions in the 7.3.x range.
205 # If your Elasticsearch server is running on another host, the access to that instance has to be protected.
206 # You can achieve that with a front-end webserver like NGINX that enforces basic authentication.
207 ExternalServer:
208
209 # Configure the URL of your own Elasticsearch server if you want to use it instead of the bundled server.
210 Url: ""
211
212 # Name of the user to use to authenticate in the external Elasticsearch server
213 UserName: ""
214
215 # Password of the user to use to authenticate in the external Elasticsearch server.
216 # e.g. "${encrypt:}"
217 # [password]
218 Password: ""
219
220 # Defines how long ivy should wait (in seconds) for the availability of the external Elasticsearch server while booting.
221 BootTimeout: 60
222
223 # For every business data type an Elasticsearch index will be created. E.g. for type ch.ivy.Dossier the index name is <NamePrefix>-ch.ivy.dossier.
224 Index:
225 # The name prefix of the index to use to store business data.
226 # If multiple ivy Engines use the same Elasticsearch server instance, you need to change this property, that every ivy Engine has an unique indices.
227 NamePrefix: ivy.businessdata
228
229 Reindex:
230 # The number of business data objects that should be read in one batch from the system database
231 ReadWindowSize: 1000
232 # The number of business data objects that should be write in one batch to Elasticsearch
233 WriteWindowSize: 1000
234 # The size of the queue that is used to store business data objects read from the database
235 # until they are written to the Elasticsearch
236 QueueSize: 10000
237
238
239 # Configures the Elasticsearch client. The client is the ivy engine which communicates with Elasticsearch.
240 Client:
241 # Maximum seconds to wait until a connection to Elastisearch can be established.
242 ConnectTimeout: 10
243
244 # Maximum seconds to wait for data sent by Elastisearch.
245 # Raise this value if large datasets are expected.
246 ReadTimeout: 30
247
248
249
250
251# == EMail Settings ==
252#
253EMail:
254 Server:
255 Host: ""
256
257 Port: -1
258
259 # Email address that will be used for emails sent by the server (e.g. task notification emails)
260 MailAddress: noreply@ivyserver.local
261
262 User: guest
263
264 # [password]
265 Password: ""
266
267 # [enum: NONE, START_TLS, SSL]
268 EncryptionMethod: NONE
269
270 SSL:
271 KeyAlias: ""
272
273 UseKey: false
274
275 DailyTaskSummary:
276 # Time of day when the task summary mails will be sent.
277 # The engine must be running at this time otherwise the daily task summary mails will not be sent.
278 # Format is hh:mm. e.g. "02:00" or "14:15"
279 # [daytime]
280 TriggerTime: "00:00"
281
282
283
284# == Show Error Messages To End Users Settings ==
285#
286# When an error occurs while processing a user request an error screen is displayed to the user.
287#
288# The displayed error page can be customized for your needs:
289# https://developer.axonivy.com/doc/9.2/engine-guide/configuration/files/web-xml.html
290#
291Errors:
292 # Whether stacktraces, detailed error reports, etc. should be shown to end users.
293 #
294 # By default (false) we only show a unique 'Error Id'. This 'Error Id' can be used to find the error in the log files.
295 #
296 # For security reasons normal users should not see technical implementation details.
297 # But in development or pre-production environments it might be save to show the full error
298 # details directly to the end user.
299 ShowDetailsToEndUser: false
300
301
302
303# == Persistence Setting ==
304#
305Persistence:
306 JPA:
307 # Persist ivyScript auto initialized fields with NULL values. Affects types are...
308 # - ch.ivyteam.ivy.scripting.objects.Date
309 # - ch.ivyteam.ivy.scripting.objects.DateTime
310 # - ch.ivyteam.ivy.scripting.objects.Time
311 # If this option is disabled auto initialized values are stored as before Axon Ivy 6.4.
312 defaultInitializedAsNull: true
313
314
315
316# == Process Element Firing Statistic Settings ==
317#
318ProcessEngine:
319 FiringStatistic:
320
321 # If activated, a process element statistic is written periodically to the log-directory. If activated may slow down the server performance.
322 Active: false
323
324 # Interval in seconds the 'process element statistic' is written to the log directory
325 Interval: 300
326
327
328
329# == SSL Client Settings ==
330#
331SSL:
332 Client:
333 # A key store is used to read client keys (certificates).
334 # This is only required if a remote server requests a client certificate in order to authenticate the client.
335 KeyStore:
336 UseCustom: false
337 # [password]
338 KeyPassword: changeit
339 Algorithm: SunX509
340 File: configuration/keystore.p12
341 # [password]
342 Password: changeit
343 Provider: ""
344 Type: pkcs12
345
346 # A trust store is used to specify trusted server certificates or certificates of certification authorities.
347 # An SSL client autenticates a server by using the certificates in a trust store.
348 # Self signed or signed by an unknown certification authority can be added to this trustore.
349 TrustStore:
350 File: configuration/truststore.p12
351 Algorithm: PKIX
352 # [password]
353 Password: changeit
354 Provider: ""
355 Type: pkcs12
356
357 # Full qualified class name of a trust manager class that is used to validate server certificates.
358 # If configured the system trustore of the JVM and the configured trustore are not in charge.
359 ManagerClass: ""
360
361
362
363# == Workflow Settings ==
364#
365Workflow:
366
367 # Whether done cases and tasks can be seen by substitutes of the user who has worked on them.
368 # [enum: VISIBLE, INVISIBLE]
369 History.ForSubstitutes: VISIBLE
370
371
372# == Failure Behaviour ==
373#
374SystemTask:
375 # Defines the behaviour in case a system task fails.
376 # [enum: FAIL_TASK_DO_RETRY, FAIL_TASK_DO_NOT_RETRY, DESTROY_TASK, DESTROY_CASE]
377 Failure.Behaviour: FAIL_TASK_DO_RETRY
378
379 # Interval in seconds between executions of the search job for system tasks.
380 # The job searches system tasks that were not executed because of failures.
381 SearchJob.Interval: 900
382
383
384
385# == Thread Pools Settings ==
386#
387ThreadPool:
388 # Executes process engine background operations like Database, WebService calls, etc.
389 BackgroundOperationExecutor:
390 # Minimum number of threads
391 CorePoolSize: 5
392 # Maximum number of threads
393 MaximumPoolSize: 200
394
395 # Executes unscheduled jobs
396 ImmediateJobExecutor:
397 # Minimum number of threads
398 CorePoolSize: 5
399 # Maximum number of threads
400 MaximumPoolSize: 50
401
402 # Executes scheduled jobs
403 ScheduledJobExecutor:
404 # Minimum number of threads
405 CorePoolSize: 5
406
407
408
409# == Update Checker Settings ==
410#
411# When newer Axon Ivy versions are available a message will be displayed on the Axon Ivy Engine main web page.
412# The update message contains information about the new versions and where those can be downloaded.
413#
414# While checking for new versions the following statistic information are sent to the update server.
415# These information are only used to improve the product:
416# - Engine (version, up time)
417# - Configuration (number of: cluster nodes, users, licenced users, applications, process model, process model version, deleted process model version, running cases, running tasks)
418# - Licence information (number, organisation, individual)
419# - Operating system information (name, version, architecture, number of processors)
420# - System database (product name and version, driver, identification number)
421# - Java memory information (maximum heap memory, maximum non heap memory)
422# - JVM (Java virtual machine) information (version, vendor, name)
423# - Host information (host name, SHA-256 hashes of IP address and MAC address to identify the host without being able to read the original IP address and MAC address itself)
424#
425UpdateChecker:
426 # Whether Update notification messages are shown and statistic information are sent to the update server
427 Enabled: true
428
429 # Time of day when a update check will be executed
430 # The engine must be running at this time otherwise the update check will not be executed.
431 # Format is hh:mm. e.g. "02:00" or "14:15"
432 # [daytime]
433 ExecutionTime: ""
434
435
436
437Boot:
438 # Switch to maintencance mode if a configuration problem is detected during startup.
439 # If set to DISABLED you can explicit start the engine in maintenance mode by using the command line option '-maintenance'.
440 # [enum: AUTO, DISABLED]
441 MaintenanceMode: AUTO
442
443
444
445Cluster:
446 # The name of this node.
447 # If not configured a random name is generated.
448 # The name of a node is also used as jvm route identifier, which is used by some load balancer to provide sticky sessions.
449 # https://developer.axonivy.com/doc/9.2/engine-guide/integration/cluster
450 # [restart required]
451 NodeName: ""