-
Neo4j’s configuration is found in neo4j.conf.
-
Configuration of the daemonizing wrapper is found in conf/neo4j-wrapper.properties.
-
HTTP logging configuration is found in conf/neo4j-http-logging.xml.
The main configuration file for Neo4j is neo4j.conf. This file contains several important settings, and although the defaults are sensible administrators might choose to make changes (especially to the port settings).
Chose the database to mount like this:
dbms.active_database=graph.dbThe location of the Neo4j’s data directory can be customized:
dbms.directories.data=data|
Note
|
On Windows systems, absolute locations including drive letters need to read '"c:/data/db"'. |
Specify the HTTP server port supporting data, administrative, and UI access:
org.neo4j.server.webserver.port=7474Specify the client accept pattern for the webserver (default is 127.0.0.1, localhost only):
#allow any client to connect
org.neo4j.server.webserver.address=0.0.0.0For securing the Neo4j Server, see also [operations-security]
Set the URI path for the REST data API through which the database is accessed. This should be a relative path.
org.neo4j.server.webadmin.data.uri=/db/data/Setting the management URI for the administration API that the Webadmin tool uses. This should be a relative path.
org.neo4j.server.webadmin.management.uri=/db/manageForce the server to use IPv4 network addresses, in 'conf/neo4j-wrapper.conf' under the section Java Additional Parameters add a new paramter:
wrapper.java.additional=-Djava.net.preferIPv4Stack=trueSpecify the number of threads used by the Neo4j Web server to control the level of concurrent HTTP requests that the server will service.
org.neo4j.server.webserver.maxthreads=200|
Note
|
The default value is the number of CPUs reported available by the JVM, limited to a maximum of 500. The limit can be exceeded by specifying a larger value. |
The server guards against orphaned transactions by using a timeout. If there are no requests for a given transaction within the timeout period, the server will roll it back. You can configure the timeout period by setting the following property to the number of seconds before timeout. The default timeout is 60 seconds.
org.neo4j.server.transaction.timeout=60The graph database engine has a range of performance tuning options which are enumerated in [server-performance]. Note that other factors than Neo4j tuning should be considered when performance tuning a server, including general server load, memory and file contention, and even garbage collection penalties on the JVM, though such considerations are beyond the scope of this configuration document.
As well as logging events happening within the Neo4j server, it is possible to log the HTTP requests and responses that the server consumes and produces. Configuring HTTP logging requires operators to enable and configure the logger and where it will log; and then to optionally configure the log format.
|
Important
|
By default the HTTP logger uses http://en.wikipedia.org/wiki/Common_Log_Format[Common Log Format] meaning that most Web server tooling can automtically consume such logs. In general users should only enable HTTP logging, select an output directory, and if necessary alter the rollover and retention policies. |
To enable HTTP logging, edit neo4j.conf to resemble the following:
org.neo4j.server.http.log.enabled=true
org.neo4j.server.http.log.config=conf/neo4j-http-logging.xmlUsing org.neo4j.server.http.log.enabled=true tells the server that HTTP logging is enabled.
HTTP logging can be disabled completely by setting this property to false.
The setting org.neo4j.server.http.log.config=conf/neo4j-http-logging.xml specifies the logging format and rollover policy file that governs how HTTP log output is presented and archived.
The defaults provided with Neo4j server uses an hourly log rotation and Common Log Format.
If logging is set up to use log files then the server will check that the log file directory exists and is writable. If this check fails, then the server will not start and will report the failure to another available channel like standard out.
|
Tip
|
Neo4j server now has experimental support for logging full request and response bodies. It is enabled by setting the following property in neo4j.conf: org.neo4j.server.http.unsafe.content_log.enabled=trueThe following logging pattern must also be specified in neo4j-http-logging.xml: <pattern>%fullRequest\n\n%fullResponse</pattern>This functionality fully duplicates HTTP requests and responses, logging them out to disk. As such it is strongly advised to not run this in a production setting because of the potential to constrain performance. However it can prove useful in testing and pre-production environments. |
There are occasions, for example when you want to host Neo4j server behind a proxy (e.g. one that handles HTTPS traffic), and still have Neo4j respect the base URI of that externally visible proxy.
Ordinarily Neo4j uses the HOST header of the HTTP request to construct URIs in its responses.
Where a proxy is involved however, this is often undesirable.
Instead Neo4j uses the X-Forwarded-Host and X-Forwarded-Proto headers provided by proxies to parameterize the URIs in the responses from the database’s REST API.
From the outside it looks as if the proxy generated that payload.
If an X-Forwarded-Host header value contains more than one address (X-Forwarded-Host allows comma-and-space separated lists of addresses), Neo4j picks the first, which represents the client request.
In order to take advantage of this functionality your proxy server must be configured to transmit these headers to the Neo4j server.
Failure to transmit both X-Forwarded-Host and X-Forwarded-Proto headers will result in the original base URI being used.
To get garbage collection logging output you have to pass the corresponding option to the server JVM executable by setting the following value in conf/neo4j-wrapper.conf:
wrapper.java.additional=-Xloggc:data/log/neo4j-gc.logThis line is already present and needs uncommenting. Note also that logging is not directed to console. You will find the logging statements in data/log/ne4j-gc.log or whatever directory you set the option to.
The Browser can :play guides from remote locations. You can specify a whitelist of hosts from where the Browser will be allowed to fetch content from.
In neo4j.conf:
# To allow default hosts
dbms.browser.remote_content_hostname_whitelist="http://guides.neo4j.com,https://guides.neo4j.com,http://localhost,https://localhost"
# To allow all hosts (enterprise edition only)
dbms.browser.remote_content_hostname_whitelist="*"The Browser can load services and data from remote locations and with this configuration this can be restricted.
In neo4j.conf:
dbms.security.allow_outgoing_browser_connections=trueYou may, for security reasons, want to disable the the Neo4j Shell in Webadmin. Shells allow arbitrary code execution, and so they could constitute a security risk if you do not trust all users of your Neo4j Server.
In neo4j.conf:
# To disable all shells:
org.neo4j.server.manage.console_engines=
# To enable only the Neo4j Shell:
org.neo4j.server.manage.console_engines=shell