Properties
nevisAdmin features instance properties for further customizing. These properties are set by the /var/opt/nevisadmin/default/conf/nevisadmin.properties file. Changes to the file require a restart of the nevisAdmin instance to be applied.
note
nevisadmin.properties is not patched when upgrading nevisAdmin to a newer version. Thus, check the release notes if changes are required or recommended.
For a description of supported properties, see the table below:
| Property name | Default | Description |
|---|---|---|
ch.nevis.nevisadmin.agent.rundir | /var/opt/nevisagent/default/run | Path of the pre/post installation scripts (where a script file is copied to and executed on the remote machine). |
ch.nevis.nevisadmin.auditservice.auth.class | ch.nevis.esauth.util.audit.JcanChannel | nevisAuth AuditService implementation. |
ch.nevis.nevisadmin.ca.signeralg | SHA1 with RSA | Signer algorithm used by internal nevisAdmin CA |
ch.nevis.nevisadmin.check.repository.enable | false | Checks for corrupted files in the nevisAdmin repository. This check is only required on systems with IO issues. |
ch.nevis.nevisadmin.monitor.null-byte-check.timer | *:*/15 | A simplified cron expression that sets the interval of the job enabled by the property ch.nevis.nevisadmin.check.repository.enable. The default value checks every15 minutes. |
ch.nevis.nevisadmin.com.proxy.resourcemanager.retrytimeout | 10 | Defines the nevisProxy connector settings (set by default for the ResourceManager.RetryTimeout parameter). |
ch.nevis.nevisadmin.commit.esauth4XmlConfigValidator.disable | false | Disables the esauth4.xml config validator (the default is "false"). |
ch.nevis.nevisadmin.commit.navajoXmlConfigValidator.disable | false | Disables the navajo.xml config validator (the default is "false"). |
ch.nevis.nevisadmin.commit.webXmlConfigValidator.disable | false | Disables the web.xml config validator (the default is "false"). |
ch.nevis.nevisadmin.config.enforce.httpd_lib_version | 1 | Do not replace static Apache library strings by the nevisProxy ${HTTPD_LIB_VERSION} variable. |
ch.nevis.nevisadmin.config.import.merge.matching.objectids | 1 | Uncomment to switch back to legacy behavior for environment imports (prior to version 3.6.4.0): "Do not merge if the ID of the destination object is the same as the one of the source object". This can happen if you re-import an environment to the environment you created the .exp file from. |
ch.nevis.nevisadmin.config.proxy.service.unsecure.default | allow | Set the default for "Unsecure connection" setting. |
ch.nevis.nevisadmin.config.proxy.arch | 32 | Sets the proxy architecture (64 or 32 bit) used before the real architecture has been discovered. |
ch.nevis.nevisadmin.config.proxy.cookieName | Navajo | Cookie settings. |
ch.nevis.nevisadmin.config.proxy.useApache22.preset | 0 | Presets the Use Apache 2.2 (downgrade) checkbox. |
ch.nevis.nevisadmin.config.proxy.variablesfile.enable | 0 | Creates the variables.conf file within the nevisProxy instance's conf/ directory. |
ch.nevis.nevisadmin.control.command.timeout | 300000 | Defines the timeout for standard command execution, e.g. instance restart. |
ch.nevis.nevisadmin.deploy.deletefiles | 1 | Enables the deletion of files that are no longer used (but deployed by a previous revision). |
ch.nevis.nevisadmin.deploy.disablerollback | false | Disables the automatic rollback (if an instance cannot be started) during deployment. |
ch.nevis.nevisadmin.deploy.notification.script | Sets the path to the pre/post installation script. | |
ch.nevis.nevisadmin.end2endmonitor.agent.cmd | Specifies a command/script to be executed by the agent after running and end2end monitor test pass. | |
ch.nevis.nevisadmin.environment.legacy-session-management.default | 1 | Disables by default legacy session management for new environments. |
ch.nevis.nevisadmin.environment.size.default | M | Sets the default environment size (S, M, L, XL). |
ch.nevis.nevisadmin.group.automaticassignment | 0 | Controls the automatic environment/zone to group assignment by regular expressions. |
ch.nevis.nevisadmin.gui.breadcrumb.includeids | 0 | Shows the selected object ID on the bread crumb. |
ch.nevis.nevisadmin.gui.conf.environment.revisions.show | 0 | Enables the Past revisions menu item and related functionality in the Configuration tab. Once this feature is in use, downgrading to nevisAdmin 3.6.2 or lower is not supported anymore. |
ch.nevis.nevisadmin.gui.headercolor | default | Changes the header color to indicate special usage. Possible values are: red, green, blue, orange, default. |
ch.nevis.nevisadmin.gui.headerscrolling.enabled | 1 | Allows scrolling the header if it is too big. |
ch.nevis.nevisadmin.gui.op.environment.load.revisions.hide | 0 | Disables the Rollback function within the Operations tab (previously known as the"Load" function), to restore old environment revisions including their infrastructure. This function should be hidden because it causes high memory usage and slowness. |
ch.nevis.nevisadmin.import.application.defaults | 1 | Defines whether to apply default configuration settings to the imported applications (e.g., proxy services). |
ch.nevis.nevisadmin.import.application.preserveUnmanagedFiles | false | This is an expert setting for import. If set to "true", this property prevents the removal of files, which are not part of the imported .exp file, from the realm file managers in the target environment. |
ch.nevis.nevisadmin.import.application.excludeInheritedUpperLowerResources | false | This is an expert setting for import. If set to "true", this property ensures that mappings of imported applications do not inherit any resources from existing parent mappings in the target environment. |
ch.nevis.nevisadmin.keybox.create.keypass.base64.encoded | 0 | Enables nevisKeybox keypass base64 encoding. |
ch.nevis.nevisadmin.log.processlog | 0 | Generates separate logs for Import, Deploy, Commit, and Load categories. |
ch.nevis.nevisadmin.log.processlog.filecount | 10 | How many log files to keep for each category. |
ch.nevis.nevisadmin.log.proxy.ErrorLogPfx | Additional piped log tools to add to the Apache ErrorLog directive, for example: /opt/bin/doanything /var/opt/nevisproxy/NAME_OF_PROXY_INSTANCE/logs/anything.log. | |
ch.nevis.nevisadmin.log.proxy.LogFormat | LogFormat for the nevisProxy access.log file. | |
ch.nevis.nevisadmin.log.proxy.TraceId | %u.%C | Defines the format of the transaction ID generated by nevisProxy. |
ch.nevis.nevisadmin.login.additional.logging.enabled | 0 | Additional login logging. |
ch.nevis.nevisadmin.login.cert.createuser | 0 | Automatically adds users logged in via SSL cert to the repository. |
ch.nevis.nevisadmin.login.ldap.createuser | 0 | Automatically adds users logged in via LDAP to the repository. |
ch.nevis.nevisadmin.monitor.adminheap | 30 | Used for monitoring. Specifies the min. free heap memory in megabytes of nevisAdmin itself. |
ch.nevis.nevisadmin.monitor.application.errors.only5xx | 0 | Counts 4xx and 5xx (default/false) or only 5xx (true) status codes to generate application alerts. |
ch.nevis.nevisadmin.monitor.application.errors.threshold | 2 | Used for monitoring. Specifies the max. percentage of errors (4xx/5xx responses) of an application. |
ch.nevis.nevisadmin.monitor.application.stat.timeout | 10000 | Used for monitoring. Specifies the timeout when polling for the application statistics. |
ch.nevis.nevisadmin.monitor.certificate.expiration | 24 * 30 | Used to alert about expired certificates (default at 24*30 hours = 30 days). |
ch.nevis.nevisadmin.monitor.default-import.enable | true | Use this background job to import default resources into new environments. |
ch.nevis.nevisadmin.monitor.default-import.timer | *:*/5 | A simplified cron expression which sets the interval of this background job. The default checks every 5 minutes. |
ch.nevis.nevisadmin.monitor.file-integrity-check.enable | true | Enables a background job which periodically checks the integrity of deployed files on target servers. |
ch.nevis.nevisadmin.monitor.file-integrity-check.skiplist | "" | Define rules for File Integrity Check exceptions. Rules are separated by "|". A rule looks like this: "{serverName}:{pathToFile1},{pathToFile2}". If the serverName is missing, the provided paths will be globally skipped, if the paths are missing the server will be fully skipped. If the property value equals : the whole check will be skipped.ch.nevis.nevisadmin.monitor.file-integrity-check.skiplist |
ch.nevis.nevisadmin.monitor.file-integrity-check.threadbased | false | Use separate threads to check integrity of files. |
ch.nevis.nevisadmin.monitor.file-integrity-check.timer | *:15 | Sets a single value (in minutes) to run file integrity checks every hour at a specific minute (for example, 15 means the system will run checks every hour 15 minutes past) or use */5 for checks every 5 minutes in the hour (that is, at xx:05, xx:10, xx:15, xx:20, and so on). The default runs every hour at 15 past. |
ch.nevis.nevisadmin.monitor.freedisk | 512000 | Used for monitoring. Specifies the min. free disk (kbytes). |
ch.nevis.nevisadmin.monitor.freememory | 512000 | Used for monitoring. Specifies the min. free memory (kbytes). |
ch.nevis.nevisadmin.monitor.freeswap | 1000 | Used for monitoring. Specifies the min. free swap (mbytes). |
ch.nevis.nevisadmin.monitor.input-learning.enable | true | Background job required for self-learning input validation filters. |
ch.nevis.nevisadmin.monitor.input-learning.timer | *:5 | A simplified cron expression (hour:minute). The default runs every hour at 5 past. |
ch.nevis.nevisadmin.monitor.instance.status.timeout | 60000 | Used for monitoring. Specifies the timeout when polling instance status. |
ch.nevis.nevisadmin.monitor.loghost.address | Space separated list of host:port to connect to the elasticsearch cluster, usually localhost:9300. | |
ch.nevis.nevisadmin.monitor.loghost.limit | 100 | Limits the number of events to fetch. |
ch.nevis.nevisadmin.monitor.loghost.weburl | Sets the href to access kibana (to build the dashboard link, e.g. http://admsrv.zh.adnovum.ch/nevislog/). | |
ch.nevis.nevisadmin.monitor.loghost.window | 300000 | Defines the time window to search for error messages (in milliseconds). |
ch.nevis.nevisadmin.monitor.mail-report.enable | true | Background job which sends an e-mail report. |
ch.nevis.nevisadmin.monitor.mail-report.timer | 6:9 | Runs at 6:09 AM. |
ch.nevis.nevisadmin.pki-expiration-check.enable | true | Background job which checks expiration of certificates on servers. |
ch.nevis.nevisadmin.pki-expiration-check.timer | 9:3 | Runs at 9:03 AM. |
ch.nevis.nevisadmin.monitor.status-check.enable | true | Background job which checks the status of servers and deployed instances. |
ch.nevis.nevisadmin.monitor.status-check.timer | :/5 | Default runs every 5 minutes |
ch.nevis.nevisadmin.monitor.server.status.timeout | 10000 | Used for monitoring. Specifies the timeout when polling for the server status. |
ch.nevis.nevisadmin.monitor.threadpool | 10 | Sets the size of monitoring thread pools. |
ch.nevis.nevisadmin.monitor.url-learning.enable | true | Used for self-learning of URL validation filters. |
ch.nevis.nevisadmin.monitor.url-learning.timer | *:1 | Simplified cron expression. The default runs every hour at 1 past. |
ch.nevis.nevisadmin.neviskeybox.hsm.command.group | Comes from “ch.nevis.nevisadmin.sys.defaultgroup” | |
ch.nevis.nevisadmin.neviskeybox.hsm.command.owner | Comes from “ch.nevis.nevisadmin.sys.defaultuser” | |
ch.nevis.nevisadmin.neviskeybox.parser.legacy.enable | 1 | Enables legacy parsing of the keybox output for backward compatibility. |
ch.nevis.nevisadmin.nevissign.enabled | 0 | Used to enable the nevisSign functionality. |
ch.nevis.nevisadmin.reporting.simpletemplate | /opt/nevisadmin/repository/templates/pdf/simpleReport.xsl | Path to the simple report xsl file. |
ch.nevis.nevisadmin.reporting.weekly.day | Monday | The weekday to create the automatic usage report. |
ch.nevis.nevisadmin.rest.access.control.allow.headers | Accept, Content-Type, Authorization | Sets the "Access-Control-Allow-Headers" value in the response header. |
ch.nevis.nevisadmin.rest.access.control.allow.methods | GET, POST, DELETE, PUT, PATCH, OPTIONS | Sets the "Access-Control-Allow-Methods" value in the response header. |
ch.nevis.nevisadmin.rest.access.control.allow.origin | * | Sets the "Access-Control-Allow-Origin" value in the response header. |
ch.nevis.nevisadmin.revision.allowrollback | 1 | Enables the possibility to restore old revisions of environments within the web front end of nevisAdmin. |
ch.nevis.nevisadmin.sectoken.default.algorithm | Overwrites the Nevis SecToken default algorithm (affects nevisAuth TokenSpec & nevisProxy). | |
ch.nevis.nevisadmin.smtp.sender | [email protected] | The sender address for e-mail notifications. |
ch.nevis.nevisadmin.software.path | Defines the log path of installed packages via the software update function. | |
ch.nevis.nevisadmin.software.repository | “ch.nevis.nevisadmin.repository.root”/../software | Defines the directory to store software images. |
ch.nevis.nevisadmin.ssl.proxy.cache.maxInactiveInterval | Uses the Realm's initial inactivity timeout | Defines the timeout settings for the nevisProxy's SSLCache (overrides the values depending on the environment's timeout settings and calculated by nevisAdmin). |
ch.nevis.nevisadmin.ssl.proxy.cache.maxLifetime | Uses the Realm's final timeout | Defines the timeout settings for the nevisProxy's SSLCache (overrides the values depending on the environment's timeout settings and calculated by nevisAdmin). |
ch.nevis.nevisadmin.ssl.proxy.cache.shared | 0 | Enables a shared SSLCache for the navajo.xml (within Engine instead Connector node). |
ch.nevis.nevisadmin.ssl.proxy.SSLProtocol, ch.nevis.nevisadmin.ssl.proxy.SSLOptions, ch.nevis.nevisadmin.ssl.proxy.SSLCipherSuite, ch.nevis.nevisadmin.ssl.proxy.SSLHonorCipherOrder, ch.nevis.nevisadmin.ssl.proxy.SSLRenegBufferSize, ch.nevis.nevisadmin.ssl.proxy.SSLInsecureRenegotiation, ch.nevis.nevisadmin.ssl.proxy.SSLDHParametersFile, ch.nevis.nevisadmin.ssl.proxy.SSLRandomSeed.<n> | These properties define the defaults for the generation of navajo.xml file (for example, for the SSL element). | |
ch.nevis.nevisadmin.ssl.transport.SSLProtocol, ch.nevis.nevisadmin.ssl.transport.SSLCipherSuites,ch.nevis.nevisadmin.ssl.transport.DNSCache, ch.nevis.nevisadmin.ssl.transport.DNSCache.ttl | These properties define the default settings for the Esauth4ConnectorServlet. | |
ch.nevis.nevisadmin.statistics.generation.disable | 0 | Disables the statistics generation. |
ch.nevis.nevisadmin.sys.admuser | nvbuser | Specifies the file ownership settings. |
ch.nevis.nevisadmin.sys.authuser | nvauser | Specifies the file ownership settings. |
ch.nevis.nevisadmin.sys.defaultgroup | nvbgroup | Specifies the file ownership settings. |
ch.nevis.nevisadmin.sys.defaultuser | nvbuser | Specifies the file ownership settings. |
ch.nevis.nevisadmin.sys.proxyuser | nvpuser | Specifies the file ownership settings. |
ch.nevis.nevisadmin.syslog.auth.severity.audit | INFO | Defines the minimum severity of filtered log messages forwarded to the syslog host. |
ch.nevis.nevisadmin.syslog.java.conversionpattern | : %d{ISO8601} %-15.15t %-40.40c %-5.5p %x%m%n | |
ch.nevis.nevisadmin.syslog.java.severity.server | WARN | Defines the minimum severity of filtered log messages forwarded to the syslog host. |
ch.nevis.nevisadmin.syslog.proxy.severity.apache | INFO | Defines the minimum severity of filtered log messages forwarded to the syslog host. |
ch.nevis.nevisadmin.user.already.logged.in.notification | on | Shows a post-login dialog in case multiple users are logged in. The dialog offers the following options: continue; logout; continue in read-only mode |
ch.nevis.nevisadmin.user.passwordpolicy.minLength, ch.nevis.nevisadmin.user.passwordpolicy.minLower, ch.nevis.nevisadmin.user.passwordpolicy.minNonAlnum, ch.nevis.nevisadmin.user.passwordpolicy.minNonLetter, ch.nevis.nevisadmin.user.passwordpolicy.minUpper | 0 | Specifies the nevisAdmin user password policy settings. |
ch.nevis.isiweb4.servlet.connector.http.SSLProtocol, ch.nevis.isiweb4.servlet.connector.http.SSLCipherSuites, ch.nevis.isiweb4.servlet.connector.http.ResponseLineSize, ch.nevis.isiweb4.servlet.connector.http.DNSCache, ch.nevis.isiweb4.servlet.connector.http.DNSCache.ttl | These properties define the default settings for the Http(s)ConnectorServlet. | |
nevisadmin.bin.cvs | cvs | Sets the path/file name of the CVS binary to use. |
nevisadmin.bin.cvs.tmo | 300000 | Defines the timeout for CVS command execution. |
nevisadmin.bin.qsregex | /opt/nevisadmin/bin/qsregex | Sets the path/file name of the qsregex binary. |
nevisadmin.bin.qsregex.tmo | 1000 | Defines the timeout for qsregex command execution. |