Search


Cloud customer?
Upgrade in MyJFrog >


Working with an older version?

JFrog Artifactory 6.x
JFrog Xray 2.x
JFrog Mission Control 3.x
JFrog Distribution 1.x
JFrog Enterprise+ (Pre-Platform Release)




Overview

The following is an example of a complete Artifactory system YAML file showing all the different parameters that you may configure.

Example Templates

It is recommended to use the templates available under $JFROG_HOME/artifactory/var/etc/

  • system.basic-template.yaml includes most commonly used system configurations and is identical to the system.yaml after a fresh install
  • system.full-template.yaml includes a list of all available configurations



YAML File Format

The YAML file is constructed with keys and entities, using the following key: [entity] format.

  • Shared configurations specified under the shared section, are used by all micro-services.
  • Micro-service specific configuration are set under each micro-service section and override similar shared configurations for the specific micro-service.
Page contents


Supported Configurations

Where to find system.yaml?

You can configure all your system settings using the system.yaml file located in the $JFROG_HOME/artifactory/var/etc folder.

Shared Configurations

Note: Make sure to edit the below yaml file according to your specific requirements. For example, remove unused database settings.

## JFROG ARTIFACTORY SYSTEM CONFIGURATION FILE
## HOW TO USE: comment-out any field and keep the correct yaml indentation by deleting only the leading '#' character.

configVersion: 1

## NOTE: JFROG_HOME is a place holder for the JFrog root directory containing the deployed product, the home directory for all JFrog products.
## Replace JFROG_HOME with the real path!
## For example, in RPM install, JFROG_HOME=/opt/jfrog

## NOTE: Sensitive information such as passwords and join key are encrypted on first read.
## NOTE: The provided commented key and value is the default.

## SHARED CONFIGURATIONS
## A shared section for keys across all services in this config
shared:
  ## Java 11 distribution to use
  #javaHome: "JFROG_HOME/artifactory/app/third-party/java"

  ## Extra Java options to pass to the JVM. These values add to or override the defaults.
  #extraJavaOpts: "-Xms512m -Xmx2g"

  ## Security Configuration
  security:
    ## Set your own Join key (takes precedence over 'joinKeyFile')
    #joinKey: "<Your joinKey>"

    ## Join key file location
    #joinKeyFile: "<For example: JFROG_HOME/artifactory/var/etc/security/join.key>"

    ## Master key file location
    ## Generated by the product on first startup if not provided
    #masterKeyFile: "<For example: JFROG_HOME/artifactory/var/etc/security/master.key>"

    ## Maximum time to wait for key files (master.key and join.key)
    #bootstrapKeysReadTimeoutSecs: 120

  ## Logging Configuration (for non-java services)
  ## Artifactory/Access logging can be configured in the separate logback.xml file  
  logging:
    consoleLog:
      ## If true, all service console logs will be redirected to a common console.log
      #enabled: true

    ## Log rotation settings
    rotation:
      ## The max file size at which enforce rotation
      #maxSizeMb: 25

      ## The number of backup files to maintain
      #maxFiles: 10

      ## Whether to compress the backup file
      #compress: true

  ## Node Settings
  node:
    ## A unique id to identify this node.
    ## Default: auto generated at startup.
    #id: "art1"

    ## Default: auto resolved by startup script
    #ip:

    ## Sets this node as primary in HA installation
    #primary: true

    ## Sets this node as part of HA installation
    #haEnabled: true

  ## Database Configuration
  database:
    ## One of: mysql, oracle, mssql, postgresql, mariadb
    ## Default: Embedded derby

    ## Example for postgresql
    #type: postgresql
    #driver: org.postgresql.Driver
    #url: jdbc:postgresql://<your db url, for example: localhost:5432>/artifactory
    #username: artifactory
    #password: password

    ## Example for mysql
    #type: mysql
    #driver: com.mysql.jdbc.Driver
    #url: jdbc:mysql://<your db url, for example: localhost:3306>/artdb?characterEncoding=UTF-8&elideSetAutoCommits=true&useSSL=false
    #username: artifactory
    #password: password

    ## Example for oracle
    #type: oracle
    #driver: oracle.jdbc.OracleDriver
    #url: jdbc:oracle:thin:@<your db server url, for example: localhost:1521>:ORCL
    #username: artifactory
    #password: password

    ## Example for mssql
    #type: mssql
    #driver: com.microsoft.sqlserver.jdbc.SQLServerDriver
    #url: jdbc:sqlserver://<your db server url, for example: localhost:1433>;databaseName=artifactory;sendStringParametersAsUnicode=false;applicationName=Artifactory Binary Repository
    #username: artifactory
    #password: password

    ## Example for mariadb
    #type: mariadb
    #driver: org.mariadb.jdbc.Driver
    #url: jdbc:mariadb://<your db server url, for example: localhost:3306>/artdb?characterEncoding=UTF-8&elideSetAutoCommits=true&useSSL=false
    #username: artifactory
    #password: password

  ## Script Configuration
  ## Parameters for the application startup scripts
  script:
    ## The max time to wait for Tomcat to come up (START_TMO)
    #serviceStartTimeout: 60

  ## Add any custom environment variables to be passed to all the services
  ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added
  env:
    #EXAMPLE_VAR: example-value
    #LD_LIBRARY_PATH: /usr/lib64


Artifactory Operational Microservices

## ARTIFACTORY TEMPLATE
artifactory:
  #port: 8081

  ## Database settings for overriding shared.database and adding connection pool parameters
  ## Same format as under shared.database
  database:
    ## Max connections to the database the main connection pool can consume
    #maxOpenConnections: 100
    # Max connection to keep idle
    #maxIdleConnections: 10
    # Connection pool manager. Either tomcat-jdbc or hikari
    #poolType: "tomcat-jdbc"

  ## Artifactory Tomcat connector customization on the Artifactory port
  tomcat:
    ## Artifactory connector settings
    connector:
      #maxThreads: 200
      ## Extra configuration to add to the Artifactory connector
      #extraConfig: "acceptCount='30' compression='off' connectionLinger='-1' connectionTimeout='1500000' acceptorThreadCount='2'"
    maintenanceConnector:
      ## This port is dedicated for the maintenance requests
      ## Currently, it is going to be used by Router to issue a health check requests
      #port: 8091

      #maxThreads: 5
      #acceptCount: 5

      ## An extra configuration to add to the maintenance connector
      #extraConfig: ""

    ## Set up an HTTPS connector for artifactory. This opens a port 
    ## in addition to the default HTTP connector. All relevant 
    ## properties configured for the HTTP connector are applied also
    ## for this connector (e.g. "maxThreads")
    httpsConnector:
      ## Enable connector with SSL/TLS
      #enabled: false

      ## Port to use for the HTTPS connector
      #port: 8443

      ## Certificate file to use
      #certificateFile: "$JFROG_HOME/artifactory/var/etc/artifactory/security/ssl/server.crt"

      ## Certificate key file to use.
      #certificateKeyFile: "$JFROG_HOME/artifactory/var/etc/artifactory/security/ssl/server.key"
   
      ## Extra configuration for the HTTPS connector.
      ## Example: 
      ## extraConfig: "SSLProtocol='TLSv1+TLSv1.1+TLSv1.2'"
      #extraConfig: ""



  ## Add any custom environment variables to be passed to this service
  ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added
  env:
    #EXAMPLE_VAR: example-value
    #LD_LIBRARY_PATH: /usr/lib64


## ACCESS TEMPLATE
access:
  ## http port
  http:
    #port: 8040

  ## grpc port
  grpc:
    #port: 8045

  ## Database settings for overriding shared.database
  ## Same format as under shared.database. Default embedded database is derby
  database:
    #username: "username"
    #password: "password"
    #type: "derby"
    #url: "jdbc:derby:<DERBY_DB_HOME_PLACE_HOLDER>;create=true"
    #driver: "org.apache.derby.jdbc.EmbeddedDriver"
    #maxOpenConnections: 100
    # Max connection to keep idle
    #maxIdleConnections: 10
    # Connection pool manager. Either tomcat-jdbc or hikari
    #poolType: "tomcat-jdbc"

  ## Tomcat connector customization on the Access port
  tomcat:
    ## Access connector settings
    connector:
      #maxThreads: 50

      ## Extra configuration to add to the Access connector
      #extraConfig: ""

  ## Add any custom environment variables to be passed to this service
  ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added
  env:
    #EXAMPLE_VAR: example-value
    #LD_LIBRARY_PATH: /usr/lib64

## EVENT TEMPLATE
event:
  ## Service http port
  #port: 8061
  ## Service grpc port
  #grpcPort: 8062

  ## Access token cache setting
  tokenCache:
    ## Duration for keeping the access token validation result in memory cache
    #timeout: "1m"

  ## Artifactory client settings
  artifactoryClient:

    ## HTTP request settings
    request:
      ## Http timeout in seconds
      #timeout: 5

  ## Artifactory proxy cache setting
  proxyCache:
    ## Time between two proxies gatherings
    #interval: 5m

  ## Profiling Related Settings
  profiling:
    ## Enable profiling endpoint for event service
    #enabled: false

  metrics:
    ## If true, enable metrics gathering in this service
    #enabled: false
    #interval: "10s"
    ## Excluded providers from metrics
    #exclude:

  ## Logging settings
  logging:

    application:
      ## Log file name
      #filePath: "event-service.log"
      ## If true, app logs will also be written to standard out
      #console: true
      ## The log level: error, warn, info, debug, trace
      ## This value is configurable during runtime
      #level: "info"
      ## The log format: jftext, json
      #format: "jftext"
      ## Whether to include the caller information (runtime frame)
      #caller: false

      ## Log rotation setting
      rotation:
        #compress: true
        #maxSizeMb: 25
        #maxAgeDays: 365
        #maxFiles: 10

    ## Web server request log settings
    request:
      #filePath: "event-request.log"
      ## If true, request logs will also be written to standard out
      #console: false

      ## Log rotation setting
      rotation:
        #compress: true
        #maxSizeMb: 25
        #maxAgeDays: 365
        #maxFiles: 10

    ## Metrics log settings
    metrics:
      #filePath: "event-metrics.log"
      #console: false

      ## Log rotation setting
      rotation:
        #compress: true
        #maxSizeMb: 25
        #maxAgeDays: 365
        #maxFiles: 10

  ## Rate limite settings
  rateLimit:
    ## Mean number of events per second that can be sent to webhook targets.
    #frequency: 1000.0
    ## Maximum number of events that can be sent as fast as possible. Once this threshold is reached, new events are sent at the exact defined frequency.
    #burstSize: 10000
    ## Maximum number of events that can be sent concurrently. When this threshold is reached, new events that are received are rejected.
    #maxConcurrentHandlers: 50000

  ## WebHook handler settings
  webhooks:
    ## timeout specifies a time limit for requests.
    ## The timeout includes connection time, any redirects, and reading the response body.
    ## The timer remains running after request return and will interrupt reading of the response body.
    ## A timeout of zero means no timeout.
    #timeout: 30
    ## Controls the maximum number of idle (keep-alive) connections across all hosts.
    ## Zero means no limit
    #maxIdleConnections: 100
    ## If non-zero, controls the maximum idle (keep-alive) connections to keep per-host.
    ## 0 means system default (2).
    #maxIdleConnectionsPerHost: 100
    ## Controls whether a client verifies the server's certificate chain and host name.
    ## If true, TLS accepts any certificate presented by the server and any host name
    ## in that certificate. In this mode, TLS is susceptible to man-in-the-middle attacks.
    ## This should be used only for testing.
    #tlsInsecure: false
    ## Number of retry that will be done when event service is unable to send the request or when it receives an error
    ## (>= 500) from the server. The first try count as one
    #retryCount: 5
    ## Time in second event service will wait between 2 retries
    #retryWait: 10


## FRONTEND TEMPLATE
frontend:
  #port: 8070

  ## Session settings
  session:
    ## After how much time the frontend token need to be refreshed
    #timeMinutes: '30'

  ## Logging settings
  logging:
    application:
      ## The log level: error, warning, info, debug, trace
      #level: info

      ## Log rotation settings
      rotation:
        #maxSizeMb: 10
        #maxFiles: 10

    request:
      ## Log rotation settings
      rotation:
        #maxSizeMb: 10
        #maxFiles: 10

  ## Add any custom environment variables to be passed to this service
  ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added
  env:
    #EXAMPLE_VAR: example-value
    #LD_LIBRARY_PATH: /usr/lib64

  startup:
	# Pinging artifactory on startup settings
    ping: 
      #intervalMS : 1000
      #retries : 180
 
 

## METADATA TEMPLATE
metadata:
  #port: 8086

  ## Database settings for overriding shared.database
  ## Same format as under shared.database. Default embedded database is sqlite
  database:
    ## Max connections to the database the main connection pool can consume
    #maxOpenConnections: 50

  ## Logging Settings
  logging:
    application:
      ## The log level: error, warn, info, debug
      #level: info

      ## If console value is true, application logs will also be written to standard out
      #console: true

      ## Specific internal packages to set with a different log level
      packages:
        #- name: common
        #  level: debug
        #- name: daos
        #  level: warn

      ## Log rotation settings
      rotation:
        ## Maximum duration in days to retain old log files
        #maxAgeDays: 365

        ## Maximum number of old log files to retain. Will be overridden by maxAgeDays
        #maxFiles: 100

        ## Maximum size in megabytes of the log file before it will get rotated
        #maxSizeMb: 25

        ## If compress is true, gzip compression will be applied while rotating log files
        #compress: true

    request:
      ## If requestConsole value is true, request logs will also be written to standard out
      #console: false

      ## Log rotation settings
      rotation:
        ## Maximum duration in days to retain old log files
        #maxAgeDays: 365

        ## Maximum number of old log files to retain. Will be overridden by maxAgeDays
        #maxFiles: 100

        ## Maximum size in megabytes of the log file before it will get rotated
        #maxSizeMb: 25

        ## If compress is true, gzip compression will be applied while rotating log files
        #compress: true

  ## Profiling Related Settings
  profiling:
    ## Enable profiling endpoints for metadata
    #enabled: true

  ## Add any custom environment variables to be passed to this service
  ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added
  env:
    #EXAMPLE_VAR: example-value
    #LD_LIBRARY_PATH: /usr/lib64
  tokenCache:
    #timeout: 115s


## ROUTER TEMPLATE
router:
  ## Profiling Related Settings
  profiling:
    ## Enable profiling endpoints
    #enabled: true

  ## Corporate Proxy Related Settings
  proxy:
    ## Proxy url for all outgoing http requests
    #httpUrl: ""

    ## Proxy url for all outgoing https requests
    #httpsUrl: ""

    ## List of target hosts to communicate with directly, bypassing the proxy.
    ## "localhost" will always be added to this list automatically.
    #ignoredHosts:
    #- "ignore.me.com"
    #- "ignore.me2.com"

  ## Router Entry Points
  entrypoints:
    ## The internal port, used by local services to communicate with the router and any other service (local and external)
    #internalPort: 8046

    ## The external port, registered in the service registry, used by external services to communicate with services in this node
    #externalPort: 8082

    ## An internal port used for internal Traefik (and Router) REST API
    #traefikApiPort: 8049

    ## An internal port used for Router's gRPC API
    #grpcPort: 8047

  ## Service Registry (Access) Communication Settings
  serviceRegistry:
    ## Service registry (Access) TLS verification skipped if enabled
    #insecure: false

    ## Service registry (Access) request timeout
    #requestTimeout: 15s

    ## Skip the connectivity test step of the Service registry join flow
    ## This may be required for restrictive network setups, where insecure communication is not allowed
    #skipJoinConnectivityTest: false

  ## Topology Settings
  topology:
    ## Local topology settings
    local:
      ## Settings for checking the health of the local services
      healthCheck:
        ## Duration between health checks
        #interval: 5s

        ## Health check request timeout
        #requestTimeout: 5s

        ## The number of consecutive successful health checks that must occur before declaring an instance healthy
        #healthyThreshold: 2

        ## The number of consecutive failed health checks that must occur before declaring an instance unhealthy
        #unhealthyThreshold: 2

    ## External topology settings
    external:
      ## Settings for refreshing the router with external topology from the service registry
      refresh:
        ## Refresh interval
        #interval: 3s

        ## The maximum duration a service can be considered as healthy since its last heartbeat
        #maxStaleHeartbeat: 30s

  ## Support Bundle Aggregation Settings
  supportBundle:
    ## The maximum duration support bundle aggregation is allowed before it is automatically cancelled
    #aggregationTimeout: 1h

  ## Logging Settings
  logging:
    ## Router log settings
    application:
      ## The log level: error, warning, info, debug, trace
      ## This value is configurable during runtime
      #level: "info"

      ## The log format: jftext, json
      #format: "jftext"

      ## Whether to include the caller information (runtime frame)
      #caller: false

      ## Whether to print the log also to stdout
      #console: true

      ## Log rotation settings
      rotation:
        #compress: true
        #maxSizeMb: 25
        #maxAgeDays: 0
        #maxFiles: 10

    ## Traefik log settings
    traefik:
      ## The log level: error, warning, info, debug, trace
      #level: "info"

      ## The log format: jftext, json
      #format: "jftext"

      ## Whether to include the caller information (runtime frame)
      #caller: false

      ## Whether to print the log also to stdout
      #console: true

      ## Log rotation settings
      rotation:
        #compress: true
        #maxSizeMb: 25
        #maxAgeDays: 0
        #maxFiles: 10

    ## Request log settings
    request:
      ## If true, request log will contain additional information
      ## This may result in a slight performance overhead
      #verbose: false

      ## Log rotation settings
      rotation:
        #compress: true
        #maxSizeMb: 100
        #maxAgeDays: 0
        #maxFiles: 10

  ## Add any custom environment variables to be passed to this service
  ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added
  env:
    #EXAMPLE_VAR: example-value
    #LD_LIBRARY_PATH: /usr/lib64


## REPLICATOR TEMPLATE
replicator:
  ## Set to true if using an Enterprise Plus license
  #enabled: false
  #port: 8048

  ## Logging settings
  logging:
    application:
      #level: info

  ## TLS settings
  tls:
    ## If true will allow self signed certificates for tls
    #skipVerifyCertificate: false

  profiling:
    #port: 8041
    #enabled: true
    #allowedHost: "localhost"

  txDir:
    ## clean up old parts which have not been fully replicated in this time, default 1 month
    #cleanUpAgeSecs: 2592000

    ## intervals to check for old parts which haven't been replicated
    #cleanUpIntervalSecs: 3600

  ## Add any custom environment variables to be passed to this service
  ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added
  env:
    #EXAMPLE_VAR: example-value
    #LD_LIBRARY_PATH: /usr/lib64
Copyright © 2020 JFrog Ltd.