Permalink
Branch: master
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
591 lines (574 sloc) 20.7 KB
{
// -------------------------------------------------------------------------
// Kuzzle configuration sample file
//
// You can copy this file to a valid [rc](https://github.com/dominictarr/rc)
// file location to customize Kuzzle configuration
// -------------------------------------------------------------------------
// The HTTP section lets you configure how Kuzzle should handle HTTP requests
"http": {
// * accessControlAllowOrigin:
// sets the default Access-Control-Allow-Origin HTTP
// header used to send responses to the client
// (see https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS)
"accessControlAllowOrigin": "*"
},
// Kuzzle configured limits
"limits": {
// * concurrentRequests:
// Number of requests Kuzzle processes simultaneously.
// Requests received above this limit are buffered until a slot is freed
// This value should be kept low to avoid overloading Kuzzle's event loop.
// * documentsFetchCount:
// Maximum number of documents that can be fetched by a single API
// request. The minimum value to this limit is 1.
// This limits is applied to any route returning multiple documents,
// such as document:mGet or document:search
// You may have to configure ElasticSearch as well if you need
// to set this value higher than 10000
// * documentsWriteCount:
// Maximum number of documents that can be written by a single API
// request. The minimum value to this limit is 1.
// There is no higher limit to this value, but you may
// also have to change the value of the "maxRequestSize" parameter
// (in the "server" section) to make Kuzzle accept larger requests.
// * requestsBufferSize:
// Maximum number of requests that can be buffered.
// Requests received above this limit are discarded with a 503 error
// * requestsBufferWarningThreshold:
// Number of buffered requests after
// which Kuzzle will throw 'core:overload' events
// (see http://docs.kuzzle.io/plugin-reference/#core)
// * subscriptionConditionsCount
// Maximum number of conditions a subscription filter can contain
// NB: A condition is either a "simple" operator (anything but and, or and bool)
// or a boolean condition that contains only simple operators.
// * subscriptionMinterms
// Maximum number of minterms (AND) clauses after the filters are
// transformed in their Canonical Disjunctive Normal Form (CDNF).
// Set to 0 for no limit.
// * subscriptionRooms
// Maximum number of different subscription rooms
// (i.e. different index+collection+filters subscription configurations)
// Depends primarily on available memory.
// If set to 0, an unlimited number of rooms can be created
// * subscriptionDocumentTTL
// Maximum time (in seconds) a document will be kept in cache for real-time subscriptions.
// This cache is used to notify subscriber when a document enters or leaves a scope after an update.
// By default, subscriptions will be kept 72 hours.
// /!\ Please note that keeping subscriptions over a long period of time may result in memory overuse. /!\
// If set to 0, the subscription will be kept in cache forever.
// /!\ Setting the property to 0 will lead to a memory leak if documents enter a real-time subscription scope and never exit that scope. /!\
"concurrentRequests": 50,
"documentsFetchCount": 10000,
"documentsWriteCount": 200,
"requestsBufferSize": 50000,
"requestsBufferWarningThreshold": 5000,
"subscriptionConditionsCount": 16,
"subscriptionMinterms": 0,
"subscriptionRooms": 1000000,
"subscriptionDocumentTTL": 259200 // 72 * 60 * 60
},
// The plugins section lets you define plugins behaviors
// (see http://kuzzle.io/guide/#plugins)
"plugins": {
// [Common]
// * bootstrapLockTimeout
// Maximum amount of time (in milliseconds)
// to wait for a concurrent plugin bootstrap
// * pipeWarnTime:
// Warning time threshold (in milliseconds)
// on a pipe plugin action
// * pipeTimeout:
// Maximum execution time (in milliseconds)
// of a pipe plugin action
// * initTimeout:
// Maximum execution time (in milliseconds)
// of a plugin initialization
"common": {
"bootstrapLockTimeout": 5000,
"pipeWarnTime": 40,
"pipeTimeout": 250,
"initTimeout": 2000
}
// Custom plugin configurations must be described here.
// Example:
//
// "plugin-name": {
// "<configuration property name>": "<value>"
// }
},
// The repositories are used internally by Kuzzle to store its data (users,
// permissions, configuration etc.)
"repositories": {
// [Common]
// * cacheTTL:
// Time to live (in seconds) of cached objects.
// Decreasing this value will lower Redis memory and
// disk consumption, at the cost of increasing
// queries rate to the database and response times
"common": {
"cacheTTL": 1440
}
},
// The security section contains the configuration for Kuzzle permissions
// mechanism
"security": {
// [restrictedProfileIds]
// The profileIds applied to a user created with the API route
// users/_createRestricted
"restrictedProfileIds": ["default"],
// [jwt]
// configuration for npm
// [jsonwebtoken package](https://github.com/auth0/node-jsonwebtoken)
//
// * algorithm:
// hash/encryption method used to sign the token
// * expiresIn:
// Token default expiration time
// (interpreted by https://www.npmjs.com/package/ms)
// * secret:
// String or buffer data containing either the secret for HMAC
// algorithms, or the PEM encoded private key for RSA and ECDSA.
// If left to null (default), Kuzzle will autogenerate a random
// seed (can only be used with HMAC algorithms).
"jwt": {
"algorithm": "HS256",
"expiresIn": "1h",
"secret": null
},
// [default]
// The default role defines permissions for all users,
// until an administrator configures the backend rights
// By default, all users are granted all permissions
"default": {
"role": {
"controllers": {
"*": {
"actions": {
"*": true
}
}
}
}
},
// [standard]
// Permissions used when creating an administrator user, either using the
// CLI or the Back Office.
//
// By default, the admin user is granted all permissions.
// Anonymous and non-administrator users have their rights restricted
"standard": {
"profiles": {
"admin": {
"policies": [ {"roleId": "admin"} ]
},
"default": {
"policies": [ {"roleId": "default"} ]
},
"anonymous": {
"policies": [ {"roleId": "anonymous"} ]
}
},
"roles": {
"admin": {
"controllers": {
"*": {
"actions": {
"*": true
}
}
}
},
"default": {
"controllers": {
"auth": {
"actions": {
"checkToken": true,
"getCurrentUser": true,
"getMyRights": true,
"logout": true,
"updateSelf": true
}
},
"server": {
"actions": {
"info": true
}
}
}
},
"anonymous": {
"controllers": {
"auth": {
"actions": {
"checkToken": true,
"getCurrentUser": true,
"getMyRights": true,
"login": true
}
},
"server": {
"actions": {
"info": true
}
}
}
}
}
}
},
// Kuzzle server is the entry point for incoming requests
"server": {
// [entryPoints]
// list of available entry points for Kuzzle.
// Posible values:
// - embedded: Kuzzle can run on its own and does not require any
// external component to process requests
// - proxy: Kuzzle will connect to a Kuzzle proxy and process requests
// coming from it
// Entry points can be combined.
"entryPoints": {
"embedded": true,
"proxy": false
},
// [proxy]
// A Kuzzle proxy can be used to forward requests to Kuzzle.
// * host:
// Host name/address of a Kuzzle proxy server.
// Can be a hostname, an IP address or an URI.
// * pingInterval:
// Time (in milliseconds) between ping requests
// * pingTimeout:
// Timeout (in milliseconds) of a ping request. If reached, Kuzzle
// marks its connection to the distant host as lost.
// * port:
// Network port opened by the Kuzzle proxy server
// * retryClientListDelay
// Time after which (in milliseconds) Kuzzle should ask the proxy to
// send the list of clients back after a disconnection (default 1s).
// * retryInterval:
// Time interval (in milliseconds) between reconnection retries
// when the connection to the broker server has been lost
"proxy": {
"host": "localhost",
"port": 7331,
"pingInterval": 60000,
"pingTimeout": 500,
"resendClientListDelay": 1000,
"retryInterval": 1000
},
// [logs] (embedded only)
// Configuration section for Kuzzle access logs
// * transports:
// An array of Winston transports configurations to output access
// logs. Possible transport types are: console, file, elasticsearch
// and syslog.
// Please refer to https://github.com/winstonjs/winston/blob/master/docs/transports.md
// for more information on transports configuration.
// * accessLogFormat:
// Access log format.
// Currently supported are "combined" (=Apache combined logs format) and
// "logstash".
// "logstash" will output the whole request input to JSON, ready to
// be consumed by logstash agent.
// * accessLogIpOffset:
// The offset to use as the client ip, from the FORWARDED-FOR chain,
// beginning from the right (0 = the ip address of the last
// client|proxy which connected to Kuzzle
"logs": {
"transports": [
{
"transport": "console",
"level": "info",
"stderrLevels": [],
"format": "simple",
"silent": true
}
],
"accessLogFormat": "combined",
"accessLogIpOffset": 0
},
// (embedded only)
// * maxRequestSize:
// The maximum size of an incoming request. Units can be expressed in
// bytes ("b" or none), kilobytes ("kb"), megabytes ("mb"), gigabytes
// ("gb") or terabytes ("tb")
// * port:
// The port on which Kuzzle should bind to
//
"maxRequestSize": "1mb",
"port": 7512,
// [protocols] (embedded only)
// protocols accepted by Kuzzle.
// protocols can be extended using plugins and configured in this section.
"protocols": {
"http": {
// * enabled:
// Set to "false" to disable HTTP support
// * maxFormFileSize:
// Maximum size of requests sent via http forms
// * maxEncodingLayers:
// Maximum number of encoding layers that can be applied
// to an http message, using the Content-Encoding header.
// This parameter is meant to prevent abuses by setting an
// abnormally large number of encodings, forcing Kuzzle to
// allocate as many decoders to handle the incoming request.
// * allowCompression:
// Enable support for compressed requests, using the
// Content-Encoding header
// Currently supported compression algorithms: gzip, deflate, identity
// Note: "identity" is always an accepted value, even if
// compression support is disabled
"enabled": true,
"maxFormFileSize": "1mb",
"maxEncodingLayers": 3,
"allowCompression": true
},
"mqtt": {
// * enabled:
// Set to true to enable MQTT support
// * allowPubSub
// Allow MQTT pub/sub capabilities or restrict to Kuzzle requests
// only
// * developmentMode
// Switches responseTopic back to a regular public topic
// * disconnectDelay
// Delay in ms to apply between a disconnection notification is
// received and the connection is actually removed
// * requestTopic
// Name of the topic listened by the plugin for requests
// * responseTopic
// Name of the topic clients should listen to get requests result
// * server
// Constructor options passed to underlying mqtt server.
// See mosca documentation for further reference.
"enabled": false,
"allowPubSub": false,
"developmentMode": false,
"disconnectDelay": 250,
"requestTopic": "Kuzzle/request",
"responseTopic": "Kuzzle/response",
"server": {
"port": 1883
}
},
"socketio": {
"enabled": true,
// value of Access-Control-Allow-Origin header to answer the upgrade request
"origins": "*:*"
},
"websocket": {
"enabled": true
}
}
},
// Services are the external components Kuzzle relies on.
"services": {
// [common]
// * defaultInitTimeout:
// Time in ms after which a service is considered
// failing if it has not init.
// * retryInterval:
// Default interval in ms between Kuzzle tries to init
// the service again on first failure.
"common": {
"defaultInitTimeout": 10000,
"retryInterval": 1000
},
// [internalCache]
// The cache service relies on Redis
// sample settings for Redis service (see also https://github.com/luin/ioredis):
//
// 1. using a single Redis database:
// node:
// * host:
// The host on which Redis can be reached.
// Can take an IP address, an URI or a hostname
// * port:
// The port on which Redis is running its database:
// * (optional) database:
// ID of the redis database (default: 0)
"internalCache": {
"backend": "redis",
"node": {
"host": "localhost",
"port": 6379
}
},
// [internalEngine]
// The database layer used internally by Kuzzle
// * bootstrapLockTimeout:
// Maximum amount of time (in milliseconds)
// to wait for a concurrent database bootstrap
"internalEngine": {
"bootstrapLockTimeout": 5000
},
// 2. using a master/slaves Redis instance with Redis sentinels
// (cf. http://redis.io/topics/sentinel):
// * node:
// * sentinels:
// array of sentinels instances:
// * host:
// Host name/address of the sentinel server
// Can be an IP address, an URI or a hostname
// * port:
// Network port opened by Redis on the sentinel server
// * name:
// Group of Redis instances composed of a master and one
// or more slaves
// * (optional) database:
// ID of the redis database (default: 0)
//"internalCache": {
// "backend": "redis",
// "node": {
// "sentinels": [
// {"host": "sentinel-host-1", "port": 26379},
// {"host": "sentinel-host-2", "port": 26379},
// {"host": "sentinel-host-3", "port": 26379}
// ],
// "name": "kuzzle"
// }
//},
// 3. using a redis cluster (cf. http://redis.io/topics/cluster-spec):
// * nodes: array of master nodes of the cluster
// * host:
// Host name/address of a redis cluster node
// Can be an IP address, an URI or a hostname
// * port:
// Network port opened by the redis cluster node
//"internalCache": {
// "backend": "redis",
// "nodes": [
// {"host": "redis-1", "port": 6379},
// {"host": "redis-2", "port": 6379},
// {"host": "redis-3", "port": 6379}
// ]
//},
// [memoryStorage]
// The Redis memoryStorage Engine
// (see "internalCache" above for sample settings)
// By default, the memoryStorage engine uses the same Redis server
// as internalCache, on database ID "5"
"memoryStorage": {
"backend": "redis",
"database": 5,
"node": {
"host": "localhost",
"port": 6379
}
},
// [garbageCollector]
// The document garbage collector service: permanently delete
// documents in the trashcan area
//
// * cleanInterval:
// Delay between each garbage collection, in milliseconds
// * maxDelete:
// Maximum number of documents to delete **per data collection**
"garbageCollector": {
"cleanInterval": 86400000,
"maxDelete": 1000
},
// [db]
// The default database layer is Elasticsearch and it is
// currently the only database layer we support.
// * client:
// Elasticsearch constructor options. Use this field to specify your Elasticsearch config options, this object
// is passed through to the Elasticsearch constructor and can contain all options/keys outlined here:
// https://www.elastic.co/guide/en/elasticsearch/client/javascript-api/current/configuration.html
"db": {
"backend": "elasticsearch",
"aliases": ["storageEngine"],
"client": {
"host": "http://localhost:9200",
"apiVersion": "5.6"
},
// default mapping applied to all collections
"commonMapping": {
"_kuzzle_info": {
"properties": {
"active": {"type": "boolean"},
"author": {"type": "keyword"},
"createdAt": {"type": "date"},
"updatedAt": {"type": "date"},
"updater": {"type": "keyword"},
"deletedAt": {"type": "date"}
}
}
},
"defaults": {
// Number of retries to attempt on an update conflict
// before throwing an error
"onUpdateConflictRetries": 0,
// Time to live of a paginated search
"scrollTTL": "15s"
}
}
},
// Configuration of the Kuzzle's internal statistics module
// * ttl:
// Time to live (in seconds) of a statistics frame
// * statsInterval:
// Time (in seconds) between statistics snapshots
"stats": {
"ttl": 3600,
"statsInterval": 10
},
// [validation]
// Defines the specifications used to validate data.
// Please refer to the guide for more information.
// (http://docs.kuzzle.io/guide/#data-validation)
"validation": {
},
// [dump]
// Kuzzle provides diagnostic tools, enabling analysis, support
// and debugging on unexpected events (errors, crashes)
// DO NOT disable this feature if you bought enterprise support
// * enabled:
// Enable/disable information dump on crash or on errors
// (see below)
// * history:
// * coredump:
// Maximum number of core dumps to keep.
// Core dumps weight usually between 1 and 2GB,
// so make sure you have enough space to store
// the provided number of coredumps.
// * reports:
// Maximum number of reports directories
// * path:
// Directory path where the dumps are stored
// * gcore:
// Location of the "gcore" binary
// * dateFormat:
// Format used to generate dump names
// (see http://momentjs.com for formats)
// * handledErrors:
// Creates a dump whenever an error belonging to the
// provided list is generated
// * enabled:
// Enable/disable dumps on generated errors.
// If disabled, dumps will only occur on crashes.
// * whitelist:
// List of error types triggering a dump
"dump": {
"enabled": true,
"history": {
"coredump": 3,
"reports": 10
},
"path": "./dump/",
"gcore": "/usr/bin/gcore",
"dateFormat": "YYYYMMDD-HHmm",
"handledErrors": {
"enabled": true,
"whitelist": [
"Error",
"RangeError",
"TypeError",
"KuzzleError",
"InternalError"
]
}
}
}