NuKVM/xen-orchestra
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(xo-server/sample.config): use TOML instead of YAML (#3860)

Browse Source
This commit is contained in:
Julien Fontanet 2019-01-14 14:00:16 +01:00 committed by Pierre Donias
parent 3d7e0df4dd
commit a97c5f4cd9
5 changed files with 160 additions and 173 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
docs/configuration.md
View File

@ -4,17 +4,15 @@ Once Xen Orchestra is installed, you can configure some parameters in the config
## Configuration
The configuration file is located at `/etc/xo-server/config.yaml`.
**WARNING: YAML is very strict with indentation: use spaces, not tabs.**
The configuration file is located at `/etc/xo-server/config.toml`.
### User to run XO-server as
By default, XO-server runs as 'root'. You can change that by uncommenting these lines and choose whatever user/group you want:
```yaml
user: 'nobody'
group: 'nogroup'
```toml
user = 'nobody'
group = 'nogroup'
```
**Warning!** A non-privileged user:
@ -26,20 +24,20 @@ group: 'nogroup'
By default, XO-server listens on all addresses (0.0.0.0) and runs on port 80. If you need to, you can change this in the `# Basic HTTP` section:
```yaml
host: '0.0.0.0'
port: 80
```toml
host = '0.0.0.0'
port = 80
```
### HTTPS
XO-server can also run in HTTPS (you can run HTTP and HTTPS at the same time) - just modify what's needed in the `# Basic HTTPS` section, this time with the certificates/keys you need and their path:
```yaml
host: '0.0.0.0'
port: 443
certificate: './certificate.pem'
key: './key.pem'
```toml
host = '0.0.0.0'
port = 443
certificate = './certificate.pem'
key = './key.pem'
```
> If a chain of certificates authorities is needed, you may bundle them directly in the certificate. Note: the order of certificates does matter, your certificate should come first followed by the certificate of the above certificate authority up to the root.
@ -60,10 +58,9 @@ This should be written just before the `mount` option, inside the `http:` block.
You shouldn't have to change this. It's the path where `xo-web` files are served by `xo-server`.
```yaml
mounts:
'/':
- '../xo-web/dist/'
```toml
[http.mounts]
'/' = '../xo-web/dist/'
```
### Custom certificate authority
@ -87,8 +84,8 @@ Don't forget to reload `systemd` conf and restart `xo-server`:
By default, XO-server will try to contact Redis server on `localhost`, with the port `6379`. But you can define whatever you want:
```yaml
uri: 'tcp://db:password@hostname:port'
```toml
uri = 'tcp://db:password@hostname:port'
```
### Proxy for XenServer updates and patches
@ -101,12 +98,12 @@ To do that behind a corporate proxy, just add the `httpProxy` variable to match
You can add this at the end of your config file:
```yaml
```toml
# HTTP proxy configuration used by xo-server to fetch resources on the Internet.
#
# See: https://github.com/TooTallNate/node-proxy-agent#maps-proxy-protocols-to-httpagent-implementations
httpProxy: 'http://username:password@proxyAddress:port'
httpProxy = 'http://username:password@proxyAddress:port'
```
### Log file

10
docs/from_the_sources.md
View File

@ -64,17 +64,15 @@ Now you have to create a config file for `xo-server`:
```
$ cd packages/xo-server
$ cp sample.config.yaml .xo-server.yaml
$ cp sample.config.toml .xo-server.toml
```
Edit and uncomment it to have the right path to serve `xo-web`, because `xo-server` embeds an HTTP server (we assume that `xen-orchestra` and `xo-web` are in the same directory). It's near the end of the file:
```yaml
mounts: '/': '../xo-web/dist/'
```toml
[mounts]
'/' = '../xo-web/dist/'
```
> Note this `dist` folder will be created in the next step.
**WARNING: YAML is very strict with indentation: use spaces for it, not tabs**.
In this config file, you can also change default ports (80 and 443) for xo-server. If you are running the server as a non-root user, you will need to set the port to 1024 or higher.

2
packages/xo-server/config.toml
View File

@ -1,6 +1,6 @@
# Vendor config: DO NOT TOUCH!
#
# See sample.config.yaml to override.
# See sample.config.toml to override.
datadir = '/var/lib/xo-server/data'

136
packages/xo-server/sample.config.toml Normal file
View File

@ -0,0 +1,136 @@
# Example XO-Server configuration.
#
# This file is automatically looking for at the following places:
# - `$HOME/.config/xo-server/config.toml`
# - `/etc/xo-server/config.toml`
#
# The first entries have priority.
#
# Note: paths are relative to the configuration file.
#=====================================================================
# HTTP proxy configuration used by xo-server to fetch resources on the Internet.
#
# See: https://github.com/TooTallNate/node-proxy-agent#maps-proxy-protocols-to-httpagent-implementations
# httpProxy = 'http://jsmith:qwerty@proxy.lan:3128'
#=====================================================================
# It may be necessary to run XO-Server as a privileged user (e.g. `root`) for
# instance to allow the HTTP server to listen on a
# [privileged ports](http://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html).
#
# To avoid security issues, XO-Server can drop its privileges by changing the
# user and the group is running with.
#
# Note: XO-Server will change them just after reading the configuration.
# User to run XO-Server as.
#
# Note: The user can be specified using either its name or its numeric
# identifier.
#
# Default: undefined
#user = 'nobody'
# Group to run XO-Server as.
#
# Note: The group can be specified using either its name or its numeric
# identifier.
#
# Default: undefined
# group = 'nogroup'
#=====================================================================
# Configuration of the embedded HTTP server.
[http]
# If set to true, all HTTP traffic will be redirected to the first HTTPs
# configuration.
# redirectToHttps = true
# Basic HTTP.
[[http.listen]]
# Address on which the server is listening on.
#
# Sets it to 'localhost' for IP to listen only on the local host.
#
# Default: all IPv6 addresses if available, otherwise all IPv4 addresses.
# hostname = 'localhost'
# Port on which the server is listening on.
#
# Default: undefined
port = 80
# Instead of `host` and `port` a path to a UNIX socket may be specified
# (overrides `host` and `port`).
#
# Default: undefined
# socket = './http.sock'
# # Basic HTTPS.
# #
# # You can find the list of possible options there
# # https://nodejs.org/docs/latest/api/tls.html#tls.createServer
# #
# # The only difference is the presence of the certificate and the key.
# [[http.listen]]
# #hostname = '127.0.0.1'
# port = 443
#
# # File containing the certificate (PEM format).
# #
# # If a chain of certificates authorities is needed, you may bundle them
# # directly in the certificate.
# #
# # Note: the order of certificates does matter, your certificate should come
# # first followed by the certificate of the above
# # certificate authority up to the root.
# #
# # Default: undefined
# cert = './certificate.pem'
#
# # File containing the private key (PEM format).
# #
# # If the key is encrypted, the passphrase will be asked at
# # server startup.
# #
# # Default: undefined
# key = './key.pem'
# List of files/directories which will be served.
[http.mounts]
#'/' = '/path/to/xo-web/dist/'
# List of proxied URLs (HTTP & WebSockets).
[http.proxies]
#'/any/url' = 'http://localhost:54722'
#=====================================================================
# Connection to the Redis server.
[redis]
# Unix sockets can be used
#
# Default: undefined
#socket = '/var/run/redis/redis.sock'
# Syntax: redis://[db[:password]@]hostname[:port][/db-number]
#
# Default: redis://localhost:6379/0
#uri = 'redis://redis.company.lan/42'
# List of aliased commands.
#
# See http://redis.io/topics/security#disabling-of-specific-commands
#renameCommands:
# del = '3dda29ad-3015-44f9-b13b-fa570de92489'
# srem = '3fd758c9-5610-4e9d-a058-dbf4cb6d8bf0'
# Directory containing the database of XO.
# Currently used for logs.
#
# Default: '/var/lib/xo-server/data'
#datadir = '/var/lib/xo-server/data'

144
packages/xo-server/sample.config.yaml
View File

@ -1,144 +0,0 @@
# BE *VERY* CAREFUL WHEN EDITING!
# YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT!
# visit http://www.yamllint.com/ to validate this file as needed
#=====================================================================
# Example XO-Server configuration.
#
# This file is automatically looking for at the following places:
# - `$HOME/.config/xo-server/config.yaml`
# - `/etc/xo-server/config.yaml`
#
# The first entries have priority.
#
# Note: paths are relative to the configuration file.
#=====================================================================
# It may be necessary to run XO-Server as a privileged user (e.g.
# `root`) for instance to allow the HTTP server to listen on a
# [privileged ports](http://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html).
#
# To avoid security issues, XO-Server can drop its privileges by
# changing the user and the group is running with.
#
# Note: XO-Server will change them just after reading the
# configuration.
# User to run XO-Server as.
#
# Note: The user can be specified using either its name or its numeric
# identifier.
#
# Default: undefined
#user: 'nobody'
# Group to run XO-Server as.
#
# Note: The group can be specified using either its name or its
# numeric identifier.
#
# Default: undefined
#group: 'nogroup'
#=====================================================================
# Configuration of the embedded HTTP server.
http:
# Hosts & ports on which to listen.
#
# By default, the server listens on [::]:80.
listen:
# Basic HTTP.
- # Address on which the server is listening on.
#
# Sets it to 'localhost' for IP to listen only on the local host.
#
# Default: all IPv6 addresses if available, otherwise all IPv4
# addresses.
#hostname: 'localhost'
# Port on which the server is listening on.
#
# Default: undefined
port: 80
# Instead of `host` and `port` a path to a UNIX socket may be
# specified (overrides `host` and `port`).
#
# Default: undefined
#socket: './http.sock'
# Basic HTTPS.
#
# You can find the list of possible options there https://nodejs.org/docs/latest/api/tls.html#tls.createServer
# -
# # The only difference is the presence of the certificate and the
# # key.
# #
# #hostname: '127.0.0.1'
# port: 443
# # File containing the certificate (PEM format).
#
# # If a chain of certificates authorities is needed, you may bundle
# # them directly in the certificate.
# #
# # Note: the order of certificates does matter, your certificate
# # should come first followed by the certificate of the above
# # certificate authority up to the root.
# #
# # Default: undefined
# cert: './certificate.pem'
# # File containing the private key (PEM format).
# #
# # If the key is encrypted, the passphrase will be asked at
# # server startup.
# #
# # Default: undefined
# key: './key.pem'
# If set to true, all HTTP traffic will be redirected to the first
# HTTPs configuration.
#redirectToHttps: true
# List of files/directories which will be served.
mounts:
#'/': '/path/to/xo-web/dist/'
# List of proxied URLs (HTTP & WebSockets).
proxies:
# '/any/url': 'http://localhost:54722'
# HTTP proxy configuration used by xo-server to fetch resources on the
# Internet.
#
# See: https://github.com/TooTallNate/node-proxy-agent#maps-proxy-protocols-to-httpagent-implementations
#httpProxy: 'http://jsmith:qwerty@proxy.lan:3128'
#=====================================================================
# Connection to the Redis server.
redis:
# Unix sockets can be used
#
# Default: undefined
#socket: /var/run/redis/redis.sock
# Syntax: redis://[db[:password]@]hostname[:port][/db-number]
#
# Default: redis://localhost:6379/0
#uri: redis://redis.company.lan/42
# List of aliased commands.
#
# See http://redis.io/topics/security#disabling-of-specific-commands
#renameCommands:
# del: '3dda29ad-3015-44f9-b13b-fa570de92489'
# srem: '3fd758c9-5610-4e9d-a058-dbf4cb6d8bf0'
# Directory containing the database of XO.
# Currently used for logs.
#
# Default: '/var/lib/xo-server/data'
#datadir: '/var/lib/xo-server/data'