Configuration files
Contents
This section describes how to configure Enonic XP and installed 3rd party applications.
XP_HOME/config
The XP_HOME/config/ folder contains all instance specific configuration.
Format
All configuration files (both .cfg and .properties) use the properties format. This is a simple key = value format.
mySetting = true
another.setting = Not so sure
multiline.value = another \
line
Variables
XP also offers support for value variables, as this is often useful to handle dynamic settings.
another.setting = ${myvaraible}
somePath = ${xp.home}/myfolder
.properties vs .cfg
When changing files ending with .cfg, it’s respective application will automatically restart with the new configuration. Files ending with .properties require a full restart of the XP instance to be applied.
In a clustered environment, configuration files must be distributed to all nodes where it is relevant.
Custom config
To provide file based configuration to custom applications, simply place a file with the name <app-name>.cfg
i.e. my.custom.app.cfg
. in the XP_HOME/config/
folder, and it will instantly be available for the application.
Changing these files while XP is running will restart the application. When the application boots, it will use the new version of the configuration.
This configuration is instantly available for developers via the global app
object.
Standard config files
The following are standard configuration files for Enonic XP
System Properties
XP_HOME/config/system.properties
Changes to this file requires a full restart of the XP instance in order to take effect.
# Installation settings
# xp.name = demo
# Global security settings
# xp.suPassword = password
# xp.suPassword = {sha1}5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
# Initialization settings
# xp.init.adminUserCreation = true
# xp.init.maxTries = 900
# Configuration FileMonitor properties
# felix.fileinstall.poll = 1000
# felix.fileinstall.noInitialDelay = true
# Config loading properties
# xp.config.paths = ${xp.home}/appconfig,/usr/local/xp/${node.role},/etc/xp/config
- xp.name
-
sets the name displayed to users from the admin console main menu, use to clarify what environment the user is working in
- xp.suPassword
-
override su user’s password in database, if any. Can also be used with hashing, the following are supported:
sha1
,sha256
,sha512
andmd5
. - xp.init.maxTries
-
Number of attampts system initializers will do to check if initialization is done. Default is
300
(which equals to 5 minutes) - before XP 7.14.3 and 900 (which equals to 5 minutes) after. - xp.stop.gracePeriod
-
Time in milliseconds XP waits for all services to stop. Default is
600000
(10 minutes). Before XP 7.14.3 value was 10000 (10 seconds) and not configurable. - felix.fileinstall.poll
-
Frequency in ms for how often the configuration folders are scanned for changes
- xp.config.paths
-
Config folders to scan in addition to
XP_HOME/config/
. Useful for fine grained control over configuration management. Folders will be scanned in the defined order. The first file found per configuration will be used.
Vhost
XP_HOME/config/com.enonic.xp.web.vhost.cfg
The standard XP port (default: 8080) provides access to webapps/
, site/
and admin/
endpoints. Vhosts enable you to define controlled and secured access to a single webapp, site or even the admin console.
Virtual hosts are automatically updated upon change.
enabled = true
mapping.myapp.host = company.com
mapping.myapp.source = /app
mapping.myapp.target = /webapp/name.of.my.app
mapping.myapp.idProvider.myldap = default
- enabled
-
turns on or of vhosts, enabled = false should only be used for development purposes
- host
-
specifies the hostname (aka domain) the vhost will handle
- source
-
refers to basepath used in request, sample above handles company.com/app
- target
-
is the internal route in XP to the specific endpoint/service
- idProvider
-
optionally adds one or more idProviders to the vhost.
idProvider
must be followed by the name of an existing idProvider. The example above refers to the idProvider calledmyldap
. Supported values aredefault
orenabled
. Only one entry may usedefault
.
Each mapping must define a unique name to separate the mappings when multiple mappings in the same file. In the example above myapp is used. |
mapping.website.host = example.com
mapping.website.source = /
mapping.website.target = /site/default/master/website
mapping.website.idProvider.adfs = default
mapping.website.idProvider.system = enabled
mapping.admin.host = example.com
mapping.admin.source = /admin
mapping.admin.target = /admin
mapping.admin.idProvider.system = default
XP_HOME/config/com.enonic.xp.mail.cfg
Use this file to configure global mail server settings for XP.
smtpHost=mail.server.com
smtpPort=25
smtpAuth=true
smtpUser=user
smtpPassword=secret
smtpTLS=true
defaultFromEmail=noreply@domain.com
- smtpHost
-
Host name of the SMTP server. Default:
localhost
. - smtpPort
-
TCP port of the SMTP server. Default:
25
. - smtpAuth
-
Enable authentication with SMTP server. Default:
false
- smtpUser
-
User to be used during authentication with the SMTP server, if ‘smtpAuth = true`.
- smtpPassword
-
Password to be used during authentication with the SMTP server, if ‘smtpAuth = true`.
- smtpTLS
-
Turns on Transport Layer Security (TLS) security for SMTP if required. Default:
false
. - defaultFromEmail
-
Default email address to use as sender for all emails sent from XP if sender is not explicitly specified.
Repo
XP_HOME/config/com.enonic.xp.repo.cfg
Use this file to configure the node repository layer.
cache.size = 1000000
snapshots.dir = ${xp.home}/snapshots
- cache.size
-
Specifies the maximum number of nodes to keep in memory. Default:
100000
- snapshots.dir
-
Specifies the root location for where to find and place snapshot files. Default:
${xp.home}/snapshots
If you change this value, remember to update value for path.repo in com.enonic.xp.elasticsearch.cfg as well. |
Blobstore
XP_HOME/config/com.enonic.xp.blobstore.cfg
Control settings for the blobstore persistence layer.
provider = file
cache = true
cache.sizeThreshold = 1mb
cache.FCapacity = 100mb
- provider
-
is the blobstore provider to use. Default value is
file
. Other providers will be made available in future releases. Each provider will have a separate configuration file namedcom.enonic.xp.blobstore.<providername>.cfg
- cache
-
enables or disables memory caching of blobs fetched from the blobstore. Default: true
- cache.sizeThreshold
-
specifies the maximum size for objects to be cached. Default: 1mb. The size notation accepts a number plus byte-size identifier (b/kb/mb/gb/tb/pb)
- cache.memoryCapacity
-
is the maximum memory footprint of the blob cache. Default: 100mb. The size notation accepts a number plus byte-size identifier (b/kb/mb/gb/tb/pb)
File blobstore
XP_HOME/config/com.enonic.xp.blobstore.file.cfg
Control settings for the file-based blobstore implementation
baseDir = ${xp.home}/repo/blob
readThrough.provider = none
readThrough.enabled = false
readThrough.sizeThreshold = 100mb
- baseDir
-
specifies root location of blobs. Default:
`${xp.home}/repo/blob
. - readThrough.enabled
-
enables or disables readthough provider. Default:
false
. - readThrough.sizeThreshold
-
specifies he maximum size of objects to be cache in readthrough provider. Default: 100mb. The size notation accepts a number plus byte-size idenfier (b/kb/mb/gb/tb/pb)
Cluster
XP_HOME/config/com.enonic.xp.cluster.cfg
Basic cluster settings
cluster.enabled = false
node.name = Anode
discovery.unicast.hosts = 127.0.0.1
network.host = 127.0.0.1
network.publish.host = 127.0.0.1
- cluster.enabled
-
When
true
node wil try to join a cluster. Default:false
. - node.name
-
should normally not be set. Default: auto generated value
- discovery.unicast.hosts
-
is an explicit list of nodes that can join the cluster. Default:
127.0.0.1
. - network.host
-
sets the bind address. Default:
127.0.0.1
. Can be an explicit IP-address, a host-name or an alias. See the section below for an overview of aliases. - network.publish.host
-
sets the address other nodes will use to communicate with this node. Default: not set (
127.0.0.1
before XP 7.5.0). Cannot be more than one IP-address. Can be an explicit IP-address, a host-name or an alias. See the section below for an overview of aliases.
Using host-name values is not recommended because DNS can be spoofed. NOTE: Values set as host-name are resolved to a single IP-address of the host-name. |
Network host aliases:
-
_local_
: Will be resolved to the local ip address. -
_[networkInterface]_
: Resolves to the ip address of the provided network interface. For example_en0_
-
_[networkInterface]:ipv4_
: Resolves to the ipv4 address of the provided network interface. For example_en0:ipv4_
-
_[networkInterface]:ipv6_
: Resolves to the ipv6 address of the provided network interface. For example_en0:ipv6_
Elasticsearch
XP_HOME/config/com.enonic.xp.elasticsearch.cfg
Tuning of all relevant settings for the embedded Elasticsearch component
node.data = true
node.master = true
path = ${xp.home}/repo/index
path.data = ${path}/data
path.repo = ${xp.home}/snapshots
path.work = ${path}/work
path.conf = ${path}/conf
path.logs = ${path}/logs
path.plugins = ${path}/plugins
cluster.name = mycluster
cluster.routing.allocation.disk.threshold_enabled = false
http.enabled = false
transport.tcp.port = 9300-9400
gateway.expected_nodes = 1
gateway.recover_after_time = 5m
gateway.recover_after_nodes = 1
discovery.zen.minimum_master_nodes = 1
discovery.unicast.port = 9300
index.recovery.initial_shards = 1
discovery.unicast.sockets =
- node.data
-
Allow data to be distributed to this node. Default:
true
. - node.master
-
Allow this node to be eligible as a master node. Default:
true
. - path
-
Path to directory where elasticsearch stores files. Default:
${xp.home}/repo/index
. Should be on a local file-system, not sharded. - path.data
-
Path to directory where to store index data allocated for this node. Default:
$path/data
. - path.repo
-
Allowed location for placing snapshots. NB! Use same value as for
snapshots.dir
as specified incom.enonic.xp.repo.cfg
- path.work
-
Path to temporary files. Default:
${xp.home}/repo/index/work
. - path.conf
-
Path to directory containing configuration. Default:
$path/conf
. - path.logs
-
Path to log files. Default:
${xp.home}/repo/index/logs
. - path.plugins
-
Path to where plugins are installed. Default:
$path/plugins
. - cluster.name
-
Elasticsearch cluster name. Default:
mycluster
. - cluster.routing.allocation.disk.threshold_enabled
-
Prevent shard allocation on nodes depending on disk usage. Default:
false
. - http.enabled
-
Enable the HTTP module. Default false.
- transport.tcp.port
-
Custom port for the node to node communication. Default:
9300-9400
. - gateway.expected_nodes
-
Number of nodes expected to be in the cluster to start the recovery immediately. Default:
1
. - gateway.recover_after_time
-
Time to wait until recovery happens once the nodes are met. Default:
5m
. - gateway.recover_after_nodes
-
Number of nodes expected to be in the cluster to start the recovery after gateway.recover_after_time. Default:
1
. - discovery.unicast.port
-
List of ports to perform discovery when new nodes are started. Default:
9300
. - discovery.unicast.sockets
-
Comma separated list of hosts to be discovered as seed nodes.
- index.recovery.initial_shards
-
Number of shards expected to be found on full cluster restart per index. Default:
quorum
. - index.auto_expand_replicas
-
Auto-expand the number of replicas based on the number of available nodes. Set to a dash delimited lower and upper bound (e.g. 0-5) or use all for the upper bound (e.g. 0-all). Defaults to
false
(i.e. disabled).
Hazelcast
XP_HOME/config/com.enonic.xp.hazelcast.cfg
Tuning of all relevant settings for the embedded Hazelcast component
network.port=5702
network.join.tcpIp.members=127.0.0.1:5701,127.0.0.1:5702
system.hazelcast.initial.min.cluster.size=2
clusterConfigDefaults=false
system.hazelcast.initial.min.cluster.size=2
network.join.tcpIp.enabled=false
network.join.kubernetes.enabled=true
network.join.kubernetes.serviceDns=main.default.svc.cluster.local
clusterConfigDefaults=false
system.hazelcast.initial.min.cluster.size=2
network.join.tcpIp.enabled=false
network.join.kubernetes.enabled=true
network.join.kubernetes.serviceName=cluster-discovery
network.join.kubernetes.namespace=my-namespace
network.join.kubernetes.kubernetesApiRetries=10
network.join.kubernetes.resolveNotReadyAddresses=true
- clusterConfigDefaults
-
If true some properties set based on xp cluster configuration. Default:
true
- liteMember
-
Hazelcast Lite member which does not own any partitions. Default:
false
. - network.port
-
Custom port for the node to node communication. Default:
5701
. - network.portCount
-
How many ports try to bind while searching for available port. Default:
100
. - network.portAutoIncrement
-
Enables available port search. Default:
false
. - network.publicAddress
-
Overrides the public address of a member. It should be set in the format "host IP address:port number". Ignored when clusterConfigDefaults is
true
. - network.join.multicast.enabled
-
Enable Multicast discovery. Default:
false
. - network.join.kubernetes.enabled
-
Enable Kubernetes discovery. Default:
false
. - network.join.kubernetes.serviceDns
-
Service DNS for Kubernetes discovery. If not set, discovery over Kubernetes API is used. Default is not set.
- network.join.kubernetes.namespace
-
Kubernetes Namespace where Hazelcast is running. Default is not set.
- network.join.kubernetes.serviceName
-
Service name used to scan only PODs connected to the given service. Default is not set.
- network.join.kubernetes.serviceLabelName
-
Service label used to tag services that should form the Hazelcast cluster together. Default is not set.
- network.join.kubernetes.serviceLabelValue
-
Service value used to tag services that should form the Hazelcast cluster together. Default is not set.
- network.join.kubernetes.podLabelName
-
POD label used to tag PODs that should form the Hazelcast cluster together. Default is not set.
- network.join.kubernetes.podLabelValue
-
POD value used to tag PODs that should form the Hazelcast cluster together. Default is not set.
- network.join.kubernetes.resolveNotReadyAddresses
-
If set to
true
, it checks also the addresses of PODs which are not ready. Default:false
. - network.join.kubernetes.useNodeNameAsExternalAddress
-
If set to
true
, uses the node name to connect to a NodePort service instead of looking up the external IP using the API. Default:false
. - network.join.kubernetes.kubernetesApiRetries
-
Number of retries in case of issues while connecting to Kubernetes API. Default:
3
. - network.join.tcpIp.enabled
-
Enable TcpIP discovery. Default:
true
. - network.join.tcpIp.members
-
Comma separated list of well-known members. If not provided and clusterDefaults=true then cluster’s discovery.unicast.hosts used instead.
- network.interfaces.enabled
-
Enables specification of which network interfaces that Hazelcast should use. Default:
false
. Ignored when clusterConfigDefaults istrue
. - network.interfaces
-
Comma separated list of ip addresses for binding. Ignored when clusterConfigDefaults is
true
. - network.restApi.enabled
-
Enable Hazelcast REST API. Default:
false
. - network.restApi.restEndpointGroups
-
Comma separated list of REST API Endpoint Groups. Default:
HEALTH_CHECK, CLUSTER_READ
. - partition.group.enabled
-
Enable partition grouping. Default:
false
. - partition.group.groupType
-
Partition grouping type. Default:
PER_MEMBER
. - system.hazelcast.phone.home.enabled
-
Enable or disable the sending of phone home data to Hazelcast’s phone home server. Default:
true
. - system.hazelcast.socket.bind.any
-
Bind both server-socket and client-sockets to any local interface. Default:
true
. - system.hazelcast.initial.min.cluster.size
-
Initial expected cluster size to wait before the node to start completely. Default:
2
. - system.hazelcast.prefer.ipv4.stack
-
Prefer IPv4 Stack, don’t use IPv6. Default:
true
. - system.hazelcast.tcp.join.port.try.count
-
The number of incremental ports, starting with the port number defined in the network configuration, that is used to connect to a host. Default:
1
. - system.hazelcast.max.no.heartbeat.seconds
-
Maximum timeout of heartbeat in seconds for a member to assume it is dead. Default:
60
. - system.hazelcast.heartbeat.interval.seconds
-
Heartbeat send interval in seconds. Default:
5
. - system.hazelcast.mastership.claim.timeout.seconds
-
Timeout which defines when master candidate gives up waiting for response to its mastership claim. Default:
120
. - hazelcast.wait.seconds.before.join
-
Wait time in seconds before join operation. Default:
5
. - hazelcast.max.wait.seconds.before.join
-
Maximum wait time in seconds before join operation Default:
20
.
In case of using Kubernetes API discovery each node makes a call to Kubernetes Master in order to discover PODs. It also requires granting certain permissions. You can find more information in the documentation of Hazelcast Discovery Plugin for Kubernetes. |
Admin
XP_HOME/config/com.enonic.xp.admin.cfg
General setting for /admin
site.preview.contentSecurityPolicy=
site.preview.contentSecurityPolicy=default-src 'self'; base-uri 'self'; form-action 'self'; script-src 'self' maps.googleapis.com; object-src 'none'; img-src * data:; style-src * 'unsafe-inline'; font-src * data:
- site.preview.contentSecurityPolicy
-
Defines default value for Content-Security-Policy header for the site engine - when running in Admin Context. The policy is applied in
preview
andinline
mode - if the page controllers do not specify a Content-Security-Policy header itself. Default:default-src 'self'; base-uri 'self'; form-action 'self'; script-src 'self'; object-src 'none'; img-src * data:; style-src * 'unsafe-inline'; font-src * data:
Home app
XP_HOME/config/com.enonic.xp.app.main.cfg
# Disable the "Welcome tour". Default: false
tourDisabled = true
- tourDisabled
-
Specify if welcome tour should be enabled or not. Default:
false
Applications app
XP_HOME/config/com.enonic.xp.app.applications.cfg
readonlyMode = true
- readonlyMode
-
Activate read only mode to prevent installation and stop/start of applications via UI. Default:
false
Jetty
XP_HOME/config/com.enonic.xp.web.jetty.cfg
Selected options to configure the embedded servlet engine Jetty
host =
sendServerHeader = false
# Connection
timeout = 60000
# HTTP settings
http.enabled = true
http.port = 8080
http.requestHeaderSize = 32768
http.responseHeaderSize = 32768
# Session
session.timeout = 60
session.cookieName = JSESSIONID
# Compression
gzip.enabled = true
gzip.minSize = 23
# Logging
log.enabled = false
log.file = ${xp.home}/logs/jetty-yyyy_mm_dd.request.log
log.append = true
log.extended = true
log.timeZone = GMT
log.retainDays = 31
# Thread Pool
threadPool.maxThreads = 200
threadPool.minThreads = 8
threadPool.idleTimeout = 60000
# Websocket
websocket.idleTimeout = 300000
- host
-
should only be set this if host name (or ip) needs to be fixed.
- sendServerHeader
-
True to send server name in header. Default:
false
. - timeout
-
specifies socket timeout for connections in ms.
- http.enabled
-
true enables HTTP connections. Default:
true
. - http.port
-
specifies http port number to use. Default:
8080
. - http.requestHeaderSize
-
Maximum request header size. Default: 32K.
- http.requestHeaderSize
-
Maximum response header size. Default: 32K.
- session.timeout
-
Session timeout (when inactive) in minutes. Default:
60
. - session.cookieSameSite
-
:: Specifies SameSite flag for session cookie. Can be
Lax
,None
,Strict
or unspecified. Default:Lax
. - session.cookieAlwaysSecure
-
:: If true, forces session cooke Secure flag even for HTTP connections. Default:
false
. - session.cookiename
-
Cookie name to use for sessions. Default:
JSESSIONID
. - gzip.enabled
-
Enables GZIP compression for responses. Default:
true
. - gzip.minsize
-
Minimum number of bytes in response to consider compressing the response. Default:
23
. - log.enabled
-
Turns on request logging. Default:
false
. - log.file
-
Request log file location. Default:
${xp.home}/logs/jetty-yyyy_mm_dd.request.log
. - log.append
-
append to existing file, or create new one when started. Default:
true
. - log.extended
-
turns on extended logging format. Default:
true
. - log.timeZone
-
Timezone to display timestamp in. Default:
GMT
. - log.retainDays
-
Number of days to retain the logs. Default:
31
. - threadPool.maxThreads
-
Maximum number of threads. Default:
200
. - threadPool.minThreads
-
Minimum number of threads. Default:
8
. - threadPool.idleTimeout
-
Thread idle timeout (in milliseconds). Default:
60000
. - websocket.idleTimeout
-
The time (in milliseconds) that a websocket may be idle before closing. Default:
300000
.
Setting session.cookieAlwaysSecure to true would make session-involved login on HTTP connections impossible. |
SessionStore
XP_HOME/config/com.enonic.xp.web.sessionstore.cfg
storeMode = replicated
saveOnCreate = true
flushOnResponseCommit = true
- storeMode
-
Switches between SessionStore mode. Can be
replicated
ornon-persistent
. In Replicated mode sessions are distributed over nodes in the cluster using Jetty-Hazelcast integration. Default:non-persistent
. - savePeriodSeconds
-
A non-zero value means that session won’t be persisted if only the access time changed, and it has been less than savePeriodSeconds since the last time the session was written. Has no effect in non-persistent storeMode. Default:
0
. - gracePeriodSeconds
-
Specifies how many seconds to wait for non-session-owner nodes to be checked to verify an expired session is in fact expired throughout the cluster before closing it. Has no effect in non-persistent storeMode. Default:
3600
. - saveOnCreate
-
Controls whether a session that is newly created will be immediately (true) or lazily (false) persisted as the last request for the session exits. Has no effect in non-persistent storeMode. Default:
false
. - flushOnResponseCommit
-
Controls whether a session that is changed ("dirty") will be persisted as the response is about to commit. If false, a dirty session will only be persisted when the last simultaneous request for it leaves the session. Has no effect in non-persistent storeMode. Default:
false
.
Media
XP_HOME/config/com.enonic.xp.media.cfg
Specify additional mime types if you are missing something.
# Media type mappings
ext.mp3 = audio/mpeg3
ext.p = text/x-pascal
- ext.<file-extension>
-
value must match a defined mime type
OSGi shell
XP_HOME/config/com.enonic.xp.server.shell.cfg
Optionally activate shell to manage OSGi bundles remotely
enabled = true
telnet.ip = 127.0.0.1
telnet.port = 5555
telnet.maxConnect = 2
telnet.socketTimeout = 0
- enabled
-
turns on shell service. Default:
false
. - telnet.ip
-
Default:
127.0.0.1
- telnet.port
-
Port to use for service. Default:
5555
. - telnet.maxConnect
-
Maximum number of concurrent connections. Default:
2
. - telnet.socketTimeout
-
Default:
0
DoS filter
XP_HOME/config/com.enonic.xp.web.dos.cfg
Activate and configure the DoS (Denial Of Service) feature.
enabled = true
maxRequestsPerSec = 25
delayMs = 100
maxWaitMs = 50
throttledRequests = 5
throttleMs = 30000
maxRequestMs = 30000
maxIdleTrackerMs = 30000
insertHeaders = true
trackSessions = true
remotePort = false
ipWhitelist =
- enabled
-
enables the DOS filter. Default:
false
. - maxRequestsPerSec
-
Maximum number of requests from a connection per second. Requests in excess of this are first delayed, then throttled. Default:
25
. - delayMs
-
Delay imposed on all requests over the rate limit. -1 = reject request, 0 delay. Default:
100
. - maxWaitMs
-
Duration in ms to blocking wait for the throttle semaphore. Default:
50
. - throttledRequests
-
Number of requests over the rate limit to be considered at once. Default:
5
. - throttleMs
-
Duration in ms to async wait for semaphore. Default:
30000
. - maxRequestMs
-
Duration in ms to allow the request to run. Default:
30000
. - maxIdleTrackersMs
-
Duration in ms to keep track of request rates for a connection, before deciding that the user has gone away, and discarding it. Default:
30000
. - insertHeaders
-
If true, insert the DoSFilter headers into the response. Default:
true
. - trackSessions
-
If true, usage rate is tracked by session if a session exists. Default:
true
. - remotePort
-
If true and session tracking is not used, then rate is tracked by IP+port (effectively connection). Default:
false
. - ipWhitelist
-
A comma-separated list of IP addresses that will not be rate limited.
Header Filter
XP_HOME/config/com.enonic.xp.web.header.cfg
Configure default HTTP response headers.
headerConfig = set X-Frame-Options: SAMEORIGIN,set X-XSS-Protection: 1; mode=block,set X-Content-Type-Options: nosniff
- headerConfig
-
Customizes default HTTP response headers. Accepts the following format:
[action] [header name]: [header value](,[action] [header name]: [header value])
. Supported header actions areset
,add
,setDate
andaddDate
. Default:set X-Frame-Options: DENY,set X-XSS-Protection: 1; mode=block,set X-Content-Type-Options: nosniff
Market
XP_HOME/config/com.enonic.xp.market.cfg
Enonic Market configuration options:
marketUrl = https://market.enonic.com/applications
UDC
XP_HOME/config/com.enonic.xp.server.udc.cfg
UDC (Usage Data Collector) is passing anonymous usage data 10 minutes after startup and then every 24 hours. This is only used to see what platforms are used and improve platform stability.
enabled = true
Standard IDprovider
XP_HOME/config/com.enonic.xp.app.standardidprovider.cfg
The Standard ID Provider, in charge of the login for admin by default, has a “Create Admin User” mode for new installations. When enabled, you may postpone creation of the admin user. You may turn off this feature.
loginWithoutUser = true
- loginWithoutUser
-
Set to false to force creation of user before logging in. Default:
true
.
Logging
XP_HOME/config/logback.xml
Configure all logging inside the system.
<configuration scan="true" scanPeriod="60 seconds"> (1)
<appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender"> (2)
<file>${xp.home}/logs/server.log</file>
<rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
<fileNamePattern>${xp.home}/logs/server.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
<maxFileSize>100MB</maxFileSize>
<maxHistory>7</maxHistory>
<totalSizeCap>3GB</totalSizeCap>
</rollingPolicy>
<encoder>
<pattern>%d{HH:mm:ss.SSS} %-5level %logger{36} - %msg%n</pattern>
</encoder>
</appender>
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<withJansi>true</withJansi>
<encoder>
<pattern>%date{ISO8601} %highlight(%-5level) %cyan(%logger{36}) - %msg%n</pattern>
</encoder>
</appender>
<root level="info"> (3)
<appender-ref ref="STDOUT"/>
<appender-ref ref="FILE"/>
</root>
<logger name="Events.Service" level="WARN" additivity="false">
<appender-ref ref="STDOUT"/>
<appender-ref ref="FILE"/>
</logger>
<logger name="Events.Bundle" level="WARN" additivity="false">
<appender-ref ref="STDOUT"/>
<appender-ref ref="FILE"/>
</logger>
</configuration>
1 | Configuration
scan: If true sets the file in scan mode and will reconfigure itself when the configuration file changes. scanPeriod: Sets the scanning period. Values can be specified in units of miliseconds, seconds, miniutes or hours. Defaults to every minute. If no unit of time is specified, milisceonds will be used. |
2 | Appender creates a new logging component
class Points to what java class you want handle your logging Possible classes: ConsoleAppender: "ch.qos.logback.core.ConsoleAppender" ConsoleAppender |
3 | Root Configuring the root logger.
level Can be set on <logger> and <root> to specify the importance of the message logged. |
Additional information can be found here: Logback documentation
Audit
This config file was first introduced in v7.2 |
XP_HOME/config/com.enonic.xp.audit.cfg
Configure the audit log feature.
enabled = true
outputLogs = false
ageThreshold =
- enabled
-
Set to false to disable the creation of audit log entries. Default:
true
. - outputLogs
-
Set to true to log the stored audit log entries. Default:
false
. - ageThreshold
-
Age of data to be removed by a cleanup task. The format is based on the ISO-8601 duration format PnDTnHnMn.nS with days considered to be exactly 24 hours. Nothing will be removed by default, duration must me set.
Content
This config file was first introduced in v7.2 |
XP_HOME/config/com.enonic.xp.content.cfg
Configure the content layer behaviour.
auditlog.enabled = true
- auditlog.enabled
-
Set to
false
to disable the creation of audit log entries on content API operations. Default:true
.Audit log can be disabled by common enabled
property. Content flag won’t affect anything in this case. - auditlog.filter
-
Comma separated values
rule(,rule)*
of allow/deny rules. Default:!system.content.update,*
(allow everything except "content update" event).
A rule prefixed with !
is a deny
rule, otherwise it is an allow
rule. A rule suffixed with *
is a wildcard rule.
Rules are applied in sequence. A first matching rule wins. If no matching rule found, event type is denied. Only content event types can be filtered.
auditlog.filter = !*
auditlog.filter = *
auditlog.filter = !system.content.update,*
auditlog.filter = system.content.set*
- attachments.allowUnsafeNames
-
Set to
true
to allow suspicious characters in content attachment file names. Default:false
. - resolveEmptyRegions
-
Set to
true
to use deprecated Content API functionality that will read Page/Layout descriptors and inject empty regions into fetched content objects. Default:false
.
Setting resolveEmptyRegions to true can adversely impact system performance. By using this deprecated Content API functionality to read Page/Layout descriptors and inject empty regions into fetched content objects, additional computational resources and processing time are required. As such, it may lead to slower system response and reduced efficiency. Importantly, this functionality is deprecated and will be removed in future versions of Enonic XP. It is advisable to adapt your workflows to operate without this feature to ensure future compatibility. |
Vacuum
XP_HOME/config/com.enonic.xp.vacuum.cfg
Configure default properties for vacuum process. .Sample vacuum config file
ageThreshold = P21D
- ageThreshold
-
Age of data to be vacuumed. The format is based on the ISO-8601 duration format PnDTnHnMn.nS with days considered to be exactly 24 hours. Default:
P21D
(21 days).
Application
XP_HOME/config/com.enonic.xp.app.cfg
Configure applications behavior.
filter = !*
filter = !com.enonic.app.snapshotter,*
filter = my.secure.corp.*
- filter
-
Comma separated values
rule(,rule)*
of allow/deny rules. Default:*
(allow all).
Rule can be prefixed with !
- that it is a deny
rule, otherwise it is an allow
rule. Rule can be suffixed with *
- that is a wildcard rule.
Application names that start with ! or end with * or contain , or contain (space) are not supported. |
Rules applied in order. First matching rule wins. If no matching rule found, application is denied.
System and local applications are not filtered. Global application installation is denied (error is thrown), if filter denies it. Stored application installation is skipped if filter denies it.
Filter rules apply separately on different nodes in cluster. If one cluster node denies an app, another cluster node may still allow it. |
- virtual.enabled
-
Allows the use of virtual applications. If set to
true
then schemas from virtual applications will be visible as resources. Default:false
. - virtual.schema.override
-
When set to
true
, virtual application schemes will have a priority over schemes in a real application with the same name. When set tofalse
virtual application schemes have no affect if real application with the same name exists. Default:true
.
virtual.enabled = false
virtual.schema.override = false
Task
XP_HOME/config/com.enonic.xp.task.cfg
Configure the task behaviour.
distributable.acceptInbound = false
clustered.timeout = PT10S
- distributable.acceptInbound
-
If true, accept inbound distributable tasks. Default:
true
. - clustered.timeout
-
The time (in ISO-8601 Period format) the node waits for a job (task or task-info job) to be submitted to another cluster node. Default:
PT5S
(5 seconds).
Scheduler
XP_HOME/config/com.enonic.xp.scheduler.cfg
Configure default custom jobs to be created for scheduling when an XP instance start. Skip creation if a job with the same name exists already. Only recurring (cron) jobs can be created by the config file. There is no guaranteed order for distributed environment, so the first started node will create its version of a job for the whole cluster.
Properties prefixed with init-job.<my-job-name>
will describe properties of a job with <my-job-name>
name.
Property | Type | Description |
---|---|---|
|
required |
|
|
required |
Cron value describes how often the described task should be run. See string format. |
|
optional |
Timezone used for cron. See string format. JVM value will be used if nothing is set. |
|
required |
Descriptor of the task to be scheduled. Format: |
|
optional |
JSON string with params for described task. |
|
required |
Principal key of the task submitter. Format: |
|
optional |
contains string-format description of scheduled job. |
init-job.my-job1.enabled=true
init-job.my-job1.cron=* * * * *
init-job.my-job1.descriptor=com.enonic.xp.app.myapp:task1
init-job.my-job1.description=Job to run `myapp:task1` every minute without params
init-job.my-job1.user=system:user1
init-job.my-job2.enabled=false
init-job.my-job2.cron=0 5 * * *
init-job.my-job2.timezone=GMT+2:00
init-job.my-job2.descriptor=com.enonic.xp.app.myapp:task2
init-job.my-job2.description=Job to run `myapp:task2` at 5:00AM every day according to it's timezone.
init-job.my-job2.user=system:user1
init-job.my-job2.config={"myparam1":"value1","myset":{"myparam2":"value2"}}
Properties prefixed with init-job.my-job1
describe properties of my-job1
job.
- init-job.my-job1.enabled
-
true - job will be scheduled at server start.
- init-job.my-job1.cron
-
* * * * * - will be run every minute.
Properties prefixed with init-job.my-job2
describe properties of my-job2
job.
- init-job.my-job2.enabled
-
False - job will be created, but never run until it changes.
- init-job.my-job2.cron
-
0 5 * * * - job will be created to run task at 5:00AM every day according to it’s timezone.
Portal
XP_HOME/config/com.enonic.xp.portal.cfg
Configure the portal behaviour.
asset.cacheControl = public, max-age=31536000, immutable
media.public.cacheControl = public, max-age=31536000, immutable
media.private.cacheControl = private, max-age=31536000, immutable
draftBranchAllowedFor = role:system.admin.login
media.contentSecurityPolicy =
media.contentSecurityPolicy.svg =
- asset.cacheControl
-
Defines assets cache-control header when asset is cachable. Default:
public, max-age=31536000, immutable
- media.public.cacheControl
-
Defines media (images, attachments)
Cache-Control
header when media is cachable and accessible by Everyone. Default:public, max-age=31536000, immutable
- media.private.cacheControl
-
Defines media (images, attachments)
Cache-Control
header when media is cachable and not accessible by Everyone. Default:private, max-age=31536000, immutable
- media.contentSecurityPolicy
-
Defines media (images, attachments)
Content-Security-Policy
header. Default:default-src 'none'; base-uri 'none'; form-action 'none'
- media.contentSecurityPolicy.svg
-
Defines media (images, attachments)
Content-Security-Policy
header in cases when it isimage/svg+xml
mime type. Default:default-src 'none'; base-uri 'none'; form-action 'none'; style-src 'self' 'unsafe-inline'
- draftBranchAllowedFor
-
Defines comma separated list of roles which are allowed to access the draft branch. Default:
role:system.admin.login
. Also, a user with rolerole:system.admin
implicitly has access to the draft branch.
Image
XP_HOME/config/com.enonic.xp.image.cfg
Configure the image service behaviour.
scale.maxDimension = 8000
filters.maxTotal = 5
memoryLimit = 100mb
- scale.maxDimension
-
Defines maximum dimension size (both height and width) when scaling is done. Default:
8000
- filters.maxTotal
-
Defines maximum total filters applied per call. Default:
25
- memoryLimit
-
Defines Heap memory limit for image processing. If the memory limit is reached, the Image Service will start to protect itself from being overwhelmed by additional requests. It does so by responding with an HTTP
429 Too Many Requests
status code to subsequent incoming requests. This memory limit acts as a soft cap rather than a hard limit. This means that the used memory can momentarily exceed the limit. The value is set in percentage of total Heap, or in memory units (mb
,gb
, …). Default:10%
Export
XP_HOME/config/com.enonic.xp.export.cfg
Configure exports service behaviour.
exports.dir = /xp-exports
- exports.dir
-
Defines location of exports directory. Default:
${xp.home}/data/export
Binary Extractor
XP_HOME/config/com.enonic.xp.extractor.cfg
Configure binary extractor service behaviour.
body.size.limit = 500000
- body.size.limit
-
Defines maximum number of characters from a textual media. Default:
500000