You can configure all your system settings using the |
Edit the |
## @formatter:off ## JFROG ARTIFACTORY SYSTEM CONFIGURATION FILE ## HOW TO USE: comment-out any field and keep the correct yaml indentation by deleting only the leading '#' character. configVersion: 1 ## NOTE: JFROG_HOME is a place holder for the JFrog root directory containing the deployed product, the home directory for all JFrog products. ## Replace JFROG_HOME with the real path! ## For example, in RPM install, JFROG_HOME=/opt/jfrog ## NOTE: Sensitive information such as passwords and join key are encrypted on first read. ## NOTE: The provided commented key and value is the default. ## SHARED CONFIGURATIONS ## A shared section for keys across all services in this config shared: ## Java 11 distribution to use #javaHome: "JFROG_HOME/artifactory/app/third-party/java" ## Extra Java options to pass to the JVM. These values add to or override the defaults. #extraJavaOpts: "-Xms512m -Xmx2g" ## Security Configuration security: ## Join key value for joining the cluster (takes precedence over 'joinKeyFile') #joinKey: "<Your joinKey>" ## Join key file location #joinKeyFile: "<For example: JFROG_HOME/artifactory/var/etc/security/join.key>" ## Master key file location ## Generated by the product on first startup if not provided #masterKeyFile: "<For example: JFROG_HOME/artifactory/var/etc/security/master.key>" ## Maximum time to wait for key files (master.key and join.key) #bootstrapKeysReadTimeoutSecs: 120 ## Logging Configuration logging: consoleLog: ## If true, all service console logs will be redirected to a common console.log #enabled: true ## Log rotation settings rotation: ## The max file size at which enforce rotation #maxSizeMb: 25 ## The number of backup files to maintain #maxFiles: 10 ## Whether to compress the backup file #compress: true ## Node Settings node: ## A unique id to identify this node. ## Default: auto generated at startup. #id: "art1" ## Default: auto resolved by startup script #ip: ## Default: auto resolved by startup script #name: "" ## Sets this node as primary in HA installation #primary: true ## Sets this node as part of HA installation #haEnabled: true ## Database Configuration database: ## One of: mysql, oracle, mssql, postgresql, mariadb #Default: Embedded derby ## Example for postgresql #type: postgresql #driver: org.postgresql.Driver #url: "jdbc:postgresql://<your db url, for example: localhost:5432>/artifactory" #username: artifactory #password: password ## Example for mysql #type: mysql #driver: com.mysql.jdbc.Driver #url: "jdbc:mysql://<your db url, for example: localhost:3306>/artdb?characterEncoding=UTF-8&elideSetAutoCommits=true&useSSL=false" #username: artifactory #password: password ## Example for oracle #type: oracle #driver: oracle.jdbc.OracleDriver #url: "jdbc:oracle:thin:@<your db server url, for example: localhost:1521>:ORCL" #username: artifactory #password: password ## Example for mssql #type: mssql #driver: com.microsoft.sqlserver.jdbc.SQLServerDriver #url: "jdbc:sqlserver://<your db server url, for example: localhost:1433>;databaseName=artifactory;sendStringParametersAsUnicode=false;applicationName=Artifactory Binary Repository" #username: artifactory #password: password ## Example for mariadb #type: mariadb #driver: org.mariadb.jdbc.Driver #url: "jdbc:mariadb://<your db server url, for example: localhost:3306>/artdb?characterEncoding=UTF-8&elideSetAutoCommits=true&useSSL=false" #username: artifactory #password: password ## Script Configuration ## Parameters for the application startup scripts script: ## The max time to wait for Tomcat to come up (START_TMO) #serviceStartTimeout: 60 ## Add any custom environment variables to be passed to all the services ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added env: #EXAMPLE_VAR: example-value #LD_LIBRARY_PATH: /usr/lib64 ## Run as a given user and group ## Note : This is only considered in linux archive installation which is installed as a service ## Make sure to change ownership of JFROG_HOME/artifactory/app and JFROG_HOME/artifactory/var directory, if this is modified after install #user: artifactory #group: artifactory ## Metrics configuration metrics: ## Settings for pushing metrics to Insight filebeat: ## If enabled, Filebeat will be started and metrics will be pushed to Elasticsearch #enabled: false ## Configuration settings for log files of filebeat log: #enabled: false ## Log level for filebeat. Possible values: debug, info, warning, or error. #level: "info" ## Elasticsearch details for filebeat to connect elasticsearch: #url: "Elasticsearch url where JFrog Mission Control is installed For example, http://<ip_address>:8082" #username: "" #password: "" ## ARTIFACTORY TEMPLATE artifactory: #port: 8081 ## Database settings for overriding shared.database and adding connection pool parameters ## Same format as under shared.database database: ## Max connections to the database the main connection pool can consume #maxOpenConnections: 100 ## Max connection to keep idle #maxIdleConnections: 10 ## Min connection to keep idle #minIdleConnections: 1 ## Connection pool manager. Either tomcat-jdbc or hikari #poolType: "tomcat-jdbc" ## Node NFS storage settings. Used in HA setup only! node: ## Data directory #haDataDir: ## Backup directory #haBackupDir: ## Artifactory Tomcat connector customization on the Artifactory port tomcat: ## Artifactory connector settings connector: #maxThreads: 200 ## An extra configuration to add to the Artifactory connector #extraConfig: "" maintenanceConnector: ## This port is dedicated for the maintenance requests ## Currently, it is going to be used by Router to issue a health check requests #port: 8091 #maxThreads: 5 #acceptCount: 5 ## An extra configuration to add to the maintenance connector #extraConfig: "" ## Set up an HTTPS connector for artifactory. This opens a port ## in addition to the default HTTP connector. All relevant ## properties configured for the HTTP connector are applied also ## for this connector (e.g. "maxThreads") httpsConnector: ## Enable connector with SSL/TLS #enabled: false ## Port to use for the HTTPS connector #port: 8443 ## Certificate file to use #certificateFile: "$JFROG_HOME/artifactory/var/etc/artifactory/security/ssl/server.crt" ## Certificate key file to use. #certificateKeyFile: "$JFROG_HOME/artifactory/var/etc/artifactory/security/ssl/server.key" ## Extra configuration for the HTTPS connector. ## For example extraConfig: "SSLProtocol='TLSv1+TLSv1.1+TLSv1.2'" #extraConfig: "" ## Add any custom environment variables to be passed to this service ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added env: #EXAMPLE_VAR: example-value #LD_LIBRARY_PATH: /usr/lib64 ## Metrics configuration metrics: ## If enabled is true, metrics will be collected and written to artifactory-metrics or ## artifactory-metrics_events.log files #enabled: true ## Interval to collect metrics #interval: 60 ## Excluded providers from metrics #exclude: ## ACCESS TEMPLATE access: ## http port http: #port: 8040 ## grpc port grpc: #port: 8045 ## Database settings for overriding shared.database ## Same format as under shared.database. Default embedded database is derby database: #username: "username" #password: "password" #type: "derby" #url: "jdbc:derby:<DERBY_DB_HOME_PLACE_HOLDER>;create=true" #driver: "org.apache.derby.jdbc.EmbeddedDriver" #maxOpenConnections: 100 ## Max connection to keep idle #maxIdleConnections: 10 ## Min connection to keep idle #minIdleConnections: 1 ## Connection pool manager. Either tomcat-jdbc or hikari #poolType: "tomcat-jdbc" ## Tomcat connector customization on the Access port tomcat: ## Access connector settings connector: #maxThreads: 50 ## Extra configuration to add to the Access connector #extraConfig: "" ## Add any custom environment variables to be passed to this service ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added env: #EXAMPLE_VAR: example-value #LD_LIBRARY_PATH: /usr/lib64 ## Skip creating default admin user on startup #startUpSkipDefaultAdmin: false ## FRONTEND TEMPLATE frontend: #port: 8070 ## Session settings session: ## After how much time the frontend token need to be refreshed #timeMinutes: '30' ## Logging settings logging: application: ## The log level: error, warning, info, debug, trace #level: info ## Log rotation settings rotation: #maxSizeMb: 10 #maxFiles: 10 request: ## Log rotation settings rotation: #maxSizeMb: 10 #maxFiles: 10 ## Add any custom environment variables to be passed to this service ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added env: #EXAMPLE_VAR: example-value #LD_LIBRARY_PATH: /usr/lib64 ## METADATA TEMPLATE metadata: #port: 8086 ## Database settings for overriding shared.database ## Same format as under shared.database. Default embedded database is sqlite database: ## Max connections to the database the main connection pool can consume #maxOpenConnections: 100 ## Logging Settings logging: application: ## The log level: error, warn, info, debug #level: info ## If console value is true, application logs will also be written to standard out #console: true ## Specific internal packages to set with a different log level packages: common: #level: debug daos: #level: warn ## Log rotation settings rotation: ## Maximum duration in days to retain old log files #maxAgeDays: 365 ## Maximum number of old log files to retain. Will be overridden by maxAgeDays #maxFiles: 100 ## Maximum size in megabytes of the log file before it will get rotated #maxSizeMb: 25 ## If compress is true, gzip compression will be applied while rotating log files #compress: true request: ## If requestConsole value is true, request logs will also be written to standard out #console: false ## Log rotation settings rotation: ## Maximum duration in days to retain old log files #maxAgeDays: 365 ## Maximum number of old log files to retain. Will be overridden by maxAgeDays #maxFiles: 100 ## Maximum size in megabytes of the log file before it will get rotated #maxSizeMb: 25 ## If compress is true, gzip compression will be applied while rotating log files #compress: true ## Profiling Related Settings profiling: ## Enable profiling endpoints for metadata #enabled: true ## Add any custom environment variables to be passed to this service ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added env: #EXAMPLE_VAR: example-value #LD_LIBRARY_PATH: /usr/lib64 tokenCache: #timeout: 115s ## ROUTER TEMPLATE router: ## Profiling Related Settings profiling: ## Enable profiling endpoints #enabled: true ## Corporate Proxy Related Settings proxy: ## Proxy url for all outgoing http requests #httpUrl: "" ## Proxy url for all outgoing https requests #httpsUrl: "" ## List of target hosts to communicate with directly, bypassing the proxy. ## "localhost" will always be added to this list automatically. #ignoredHosts: #- "ignore.me.com" #- "ignore.me2.com" ## Router Entry Points entrypoints: ## The internal port, used by local services to communicate with the router and any other service (local and external) #internalPort: 8046 ## The external port, registered in the service registry, used by external services to communicate with services in this node #externalPort: 8082 ## An internal port used for internal Traefik (and Router) REST API #traefikApiPort: 8049 ## An internal port used for Router's gRPC API #grpcPort: 8047 ## Service Registry (Access) Communication Settings serviceRegistry: ## Service registry (Access) TLS verification skipped if enabled #insecure: false ## Service registry (Access) request timeout #requestTimeout: 15s ## Skip the connectivity test step of the Service registry join flow ## This may be required for restrictive network setups, where insecure communication is not allowed #skipJoinConnectivityTest: false ## Topology Settings topology: ## Local topology settings local: ## Settings for checking the health of the local services healthCheck: ## Duration between health checks #interval: 5s ## Health check request timeout #requestTimeout: 5s ## The number of consecutive successful health checks that must occur before declaring an instance healthy #healthyThreshold: 2 ## The number of consecutive failed health checks that must occur before declaring an instance unhealthy #unhealthyThreshold: 2 ## External topology settings external: ## Settings for refreshing the router with external topology from the service registry refresh: ## Refresh interval #interval: 3s ## The maximum duration a service can be considered as healthy since its last heartbeat #maxStaleHeartbeat: 30s ## Support Bundle Aggregation Settings supportBundle: ## The maximum duration support bundle aggregation is allowed before it is automatically cancelled #aggregationTimeout: 1h ## Logging Settings logging: ## Router log settings application: ## The log level: error, warning, info, debug, trace ## This value is configurable during runtime #level: "info" ## The log format: jftext, json #format: "jftext" ## Whether to include the caller information (runtime frame) #caller: false ## Whether to print the log also to stdout #console: true ## Log rotation settings rotation: #compress: true #maxSizeMb: 25 #maxAgeDays: 0 #maxFiles: 10 ## Traefik log settings traefik: ## The log level: error, warning, info, debug, trace ## This value is configurable during runtime #level: "info" ## The log format: jftext, json #format: "jftext" ## Whether to include the caller information (runtime frame) #caller: false ## Whether to print the log also to stdout #console: true ## Log rotation settings rotation: #compress: true #maxSizeMb: 25 #maxAgeDays: 0 #maxFiles: 10 ## Request log settings request: ## If true, request log will contain additional information ## This may result in a slight performance overhead ## This value is configurable during runtime #verbose: false ## Log rotation settings rotation: #compress: true #maxSizeMb: 100 #maxAgeDays: 0 #maxFiles: 10 ## Add any custom environment variables to be passed to this service ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added env: #EXAMPLE_VAR: example-value #LD_LIBRARY_PATH: /usr/lib64 ## REPLICATOR TEMPLATE replicator: ## Set to true if using an Enterprise Plus license #enabled: false #port: 8048 ## Logging settings logging: application: #level: info traffic: #maxFileSizeMb: 25 #maxFiles: 10 ## Set rotationIntervalSecs to a positive number to enable rotation by time, as well as by file size (maxFileSizeMb) #rotationIntervalSecs: 0 #compress: true ## Traffic is aggregated and written to the log every intervalSecs seconds #intervalSecs: 3 #eventsChannelSize: 1000 ## TLS settings tls: ## If true will allow self signed certificates for tls #skipVerifyCertificate: false profiling: #port: 8041 #enabled: true #allowedHost: "localhost" txDir: ## clean up old parts which have not been fully replicated in this time, default 1 month #cleanUpAgeSecs: 2592000 ## intervals to check for old parts which haven't been replicated #cleanUpIntervalSecs: 3600 ## Add any custom environment variables to be passed to this service ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added env: #EXAMPLE_VAR: example-value #LD_LIBRARY_PATH: /usr/lib64 ### EVENT TEMPLATE event: ## Service http port #port: 8061 ## Service grpc port #grpcPort: 8062 ## Access token cache setting tokenCache: ## Duration for keeping the access token validation result in memory cache #timeout: "1m" ## Artifactory client settings artifactoryClient: ## HTTP request settings request: ## Http timeout in seconds #timeout: 5 ## Support Bundle settings supportBundle: ## Timeout for gathering support bundle for the event service #aggregationTimeout: 1h ## Artifactory proxy cache setting proxyCache: ## Time between two proxies gatherings #interval: 5m ## Artifactory base URL cache setting baseUrlCache: ## Time between two base URL gatherings #interval: 5m ## Domain cache setting domainCache: ## Time between two domain gatherings #interval: 5m ## Profiling Related Settings profiling: ## Enable profiling endpoint for event service #enabled: false metrics: ## If true, enable metrics gathering in this service #enabled: false #interval: "10s" ## Excluded providers from metrics #exclude: ## Logging settings logging: application: ## Log file name #filePath: "event-service.log" ## If true, app logs will also be written to standard out #console: true ## The log level: error, warn, info, debug, trace ## This value is configurable during runtime #level: "info" ## The log format: jftext, json #format: "jftext" ## Whether to include the caller information (runtime frame) #caller: false ## Package-specific logging #packages: #events: #level: "info" #authorization: #level: warn ## Log rotation setting rotation: #compress: true #maxSizeMb: 25 #maxAgeDays: 365 #maxFiles: 10 ## Web server request log settings request: #filePath: "event-request.log" ## If true, request logs will also be written to standard out #console: false ## Log rotation setting rotation: #compress: true #maxSizeMb: 25 #maxAgeDays: 365 #maxFiles: 10 ## Metrics log settings metrics: #filePath: "event-metrics.log" #console: false ## Log rotation setting rotation: #compress: true #maxSizeMb: 25 #maxAgeDays: 365 #maxFiles: 10 ## Rate limite settings rateLimit: ## Mean number of events per second that can be sent to webhook targets. #frequency: 1000.0 ## Maximum number of events that can be sent as fast as possible. Once this threshold is reached, new events are sent at the exact defined frequency. #burstSize: 10000 ## Maximum number of events that can be sent concurrently. When this threshold is reached, new events that are received are rejected. #maxConcurrentHandlers: 50000 ## WebHook handler settings webhooks: ## timeout specifies a time limit for requests. ## The timeout includes connection time, any redirects, and reading the response body. ## The timer remains running after request return and will interrupt reading of the response body. ## A timeout of zero means no timeout. #timeout: 30s ## Controls the maximum number of idle (keep-alive) connections across all hosts. ## Zero means no limit #maxIdleConnections: 100 ## If non-zero, controls the maximum idle (keep-alive) connections to keep per-host. ## 0 means system default (2). #maxIdleConnectionsPerHost: 100 ## Controls whether a client verifies the server's certificate chain and host name. ## If true, TLS accepts any certificate presented by the server and any host name ## in that certificate. In this mode, TLS is susceptible to man-in-the-middle attacks. ## This should be used only for testing. #tlsInsecure: false ## Number of retry that will be done when event service is unable to send the request or when it receives an error ## (>= 500) from the server. The first try count as one #retryCount: 5 ## Time in second event service will wait between 2 retries #retryWait: 10s ## when true private networks (loopback, RFC1918, RFC3927, and IPV6 unique local addresses) will not be allowed as ## webhook targets #urlStrictPolicy: true |