manual:service:configuration

Configuration

The RePoSyD server is customizable through the configuration file.

Key Default Type Usage
application
application.url http://localhost string Application URL. Used, for example, for HTTP links in emails.
Key Default Type Usage
authentification [repository] string|object[] List of the strategies for user authentification

Repository

This is the default strategy for authenticating a user.

{
  "authentification": ["repository"]
}

LDAP

LDAP Server
{
  "authentification": [{
    "type": "ldap",
    "ldap": {
      "url": "ldaps://localhost:636"
      "users": {
        "attribteName": "cn",
        "dn": "cn={{username}},ou=users,dc=test"
        "searchBase": "cn=Users,dc=test",
      },
        "groups": {
        "attributeName": "dn",
        "groupName": "RePoSyD User",
        "memberAttribute": "member",
        "objectClass": "group",
        "searchBase": "cn=Users,dc=test"
       },
     }
  }]
}
Active Directory Server
{
  "authentification": [{
    "type": "ldap",
    "ldap": {
      "url": "ldaps://localhost:389"
      "users": {
        "attribteName": "sAMAccountName",
        "dn": "DOMAIN\{{username}}"
        "searchBase": "ou=users,dc=test",
      },
        "groups": {
        "attributeName": "cn",
        "groupName": "reposyd",
        "memberAttribute": "member",
        "objectClass": "group",
        "searchBase": "ou=group,dc=reposyd,dc=test"
       },
     }
  }]
}

IIS Web Config

<rewrite>
  <rules>
    <clear/>
    <rule name="RePoSyD API" enabled="true" stopProcessing="true">
      <match url="^api/(.*)"/>
      <conditions logicalGrouping="MatchAll" trackAllCaptures="false"/>
      <action type="Rewrite" url="http://localhost:3000/{R:1}"/>
    </rule>
    <rule name="RePoSyD Auth" enabled="true" patternSyntax="ECMAScript" stopProcessing="true">
      <match url="^auth/(.*)"/>
      <conditions logicalGrouping="MatchAll" trackAllCaptures="false"/>
      <action type="Rewrite" url="http://localhost:3000/auth/{R:1}" logRewrittenUrl="true"/>
    </rule>
  </rules>
  <outboundRules>
    <preConditions>
      <preCondition name="ResponseIsHtml1">
        <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html"/>
      </preCondition>
    </preConditions>
  </outboundRules>
</rewrite>
HTTPS Redirect
<rule name="HTTPS-Redirect" stopProcessing="true">
  <match url="(.*)"/>
  <conditions>
    <add input="{HTTPS}" pattern="^OFF$"/>
  </conditions>
  <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false"/>
</rule>
Key Default Type Usage
email
email.preview false boolean If true, the email preview is shown in the default browser and not send. Should be used for development purposes only.
email.replyAddress string Reply address used in emails.
email.supportAddress string Mail address of the support organization maintaining RePoSyD.
email.templates string Folder containing the templates used for generating emails.
Key Default Type Usage
eventHandler [“actiontracking”, “repository”, “role”] string[] List of activated event handlers.

Action Tracking

Sends a notification email to action responsible.

Event Logger

Captures all events and writes them to the log as debug output (logging level: “debug”.

Repository

Role

Key Default Type Usage
jwt
jwt.secret null string secret key used to encrypt the tokens. If null or undefined, the internal secret key is generated.
!! SECURITY WARNING!!
DO NOT USE THE SECRET OPTION IN A PRODUCTION ENVIRONMENT, UNLESS YOU KNOW WHAT YOU ARE DOING!
jwt.ttl.access 360s string Time to live for the access token, expressed in seconds or a string describing a time span vercel/ms.
jwt.ttl.refresh 24h string Time to live for the refresh token, expressed in seconds or a string describing a time span vercel/ms.
Key Default Type Usage
logging
logging.level info string
logging.colorize boolean true If true, the console output is colorized according to the message level.
logging.console.enabled false boolean If true, messages are displayed on the console (stdout).
logging.file.enabled false boolean If true, messages are written in the specified log file.
logging.filename string reposyd.log Name of the log file
logging.file.maxSize 500 number Maximum size of the file, after which it will be archived. This can be a number of bytes, or units of kb, mb, and gb. If using the units, add 'k', 'm', or 'g' as the suffix. The units need to directly follow the number.
logging.file.maxFiles 10 number Maximum number of logs to keep. If not set, no logs will be removed. This can be a number of files or number of days. If using days, add 'd' as the suffix. It uses auditFile to keep track of the log files in a json format. It won't delete any file not contained in it. It can be a number of files or number of days.
logging.rotation.enabled false boolean If true, log file rotation is enabled.
logging.rotation.createSymlink false boolean Create a tailable symlink to the current active log file
logging.rotation.folder . string The folder name to save log files to.
logging.rotation.maxSize 500k string Maximum size of the file after which it will rotate. This can be a number of bytes, or units of kb, mb, and gb. If using the units, add 'k', 'm', or 'g' as the suffix. The units need to directly follow the number.
logging.rotation.maxFiles 14d string Maximum number of logs to keep. If not set, no logs will be removed. This can be a number of files or number of days. If using days, add 'd' as the suffix. It uses auditFile to keep track of the log files in a json format. It won't delete any file not contained in it. It can be a number of files or number of days.
logging.rotation.symlinkName reposyd.log string The name of the tailable symlink.
logging.rotation.utc true boolean Use UTC time for date in filename.
logging.rotation.zippedArchive true boolean If true, the archived log files are gzipped.
logging.service string reposyd service name
Key Default Type Usage
pdfmake
pdfmake.fonts string URL of the repository, e.g. 'sqlite:/var/opt/reposyd/database?database=reposyd.sqlite'
Key Default Type Usage
repository
repository.url string URL of the repository, e.g. 'sqlite:/var/opt/reposyd/database?database=reposyd.sqlite'
Key Default Type Usage
reportGenerator
reportGenerator.fonts /reposyd/data/fonts string Folder with the available fonts
reportGenerator.pdfmake
{
 "reportGenerator": {
  "pdfmake": {
   "compressed": true,
   "fonts": {
    "<fontname>": {
      "normal": "<file>",
      "bold": "<file>",
      "italics": "<file>",
      "bolditalics": "<file>"
    }
   }
  }
 }
}
Key Default Type Usage
restify
restify.host localhost string Specifies the host interface on which the restify listens. Use '0.0.0.0' to listen on all interfaces.
restify.port 3000 string Port number on the interface.
restify.ssl.cert string
restify.ssl.key string
Key Default Type Usage
services [“actiontracking”] stringobject[] List of activated services.

Action Tracking

The action tracking services generates emails for overdue actions and sends them to the responsible users. For using the default configuration, add a string value to the list of activated services.

"services": ["actiontracking"]

To run the service with custom option, add a object value to the list.

"services": [{ "name": "actiontracking", "whine": { "interval": "* * * 12" } }]
Key Default Type Usage
whine.interval * * !6-7 12“ string The string value defines the interval for whining about overdue actions. timexe
In the default configuration, the service is executed from Monday to Friday at 12 noon.
Key Default Type Usage
smtp
smtp.host string This option specifies the SMTP used for sending messages. To use the local SMTP, set this option to 'localhost'. Otherwise use a fully qualified domain name.
smtp.port 25 number This option specifies the SMTP port to use.
smtp.user string Username for SMTP server authentification.
smtp.password string Password used for SMTP server authentification
smtp.check false boolean If true, the SMTP server connection is checked at startup.
smtp.secure false boolean If true the connection will use TLS when connecting to server. If false (the default) then TLS is used if server supports the STARTTLS extension. In most cases set this value to true if you are connecting to port 465. For port 587 or 25 keep it false
smtp.tls.rejectUnauthorized false boolean If true, the server certificate is not validated against the list of CAs.
smtp.tls.ignore false boolean If true and secure is false then TLS is not used even if the server supports STARTTLS extension.
smtp.tls.require false boolean If this is true and secure is false then Nodemailer tries to use STARTTLS even if the server does not advertise support for it. If the connection can not be encrypted then message is not sent

Example Development Environment

{
  "application": {
    "url": "http://localhost"
  },
  "authentification": ["repository"],
  "jwt": {
    "secret": "!!##@@changeme@@##!!"
  },
  "logging": {
    "console": {
      "enabled": true
    },
    "file": {
      "enabled": false
    },
    "rotation": {
      "enabled": false
    },
    "syslog": {
      "enabled": false
    },
    "level": "debug",
    "service": "reposyd-devel"
  },
  "eventHandler": ["actiontracking", "repository", "role"],
  "services": [
    {
      "name": "actiontracking",
      "debug": false,
      "whine": {
        "atStartup": false,
        "interval": "* * !6-7 12"
      }
    }
  ],
  "repository": {
    "url": "sqlite:d:/reposyd/carbcat/database?database=reposyd.sqlite"
  },
  "restify": {
    "host": "127.0.0.1",
    "port": 3000
  }
}
This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies
  • manual/service/configuration.txt
  • Last modified: 3 months ago
  • by maho