diff --git a/server/configs/webapps/embedded/config/application.properties b/server/configs/webapps/embedded/config/application.properties index 7d1e670b2e..744794a036 100644 --- a/server/configs/webapps/embedded/config/application.properties +++ b/server/configs/webapps/embedded/config/application.properties @@ -1,26 +1,18 @@ -server.port=8080 - -## To use ssl, update the properties below for your local installation -#server.ssl.enabled=true -#server.ssl.enabled-protocols=TLSv1.3,TLSv1.2,TLSv1.1 -#server.ssl.protocol=TLS -#server.ssl.key-alias=tomcat -#server.ssl.key-store=@@keyStore@@ -#server.ssl.key-store-password=@@keyStorePassword@@ -## Typically either PKCS12 or JKS -#server.ssl.key-store-type=PKCS12 -#server.ssl.ciphers=HIGH:!ADH:!EXP:!SSLv2:!SSLv3:!MEDIUM:!LOW:!NULL:!aNULL +## Configure your application using the properties below. Not all properties are needed. +## Uncomment lines to activate them. Substitute values shown with @@ markers. +## Learn more here: https://www.labkey.org/Documentation/wiki-page.view?name=applicationProperties -## HTTP-only port for servers that need to handle both HTTPS (configure via server.port and server.ssl above) and HTTP -#context.httpPort=8080 +#################################################################################### +## Database connections and encryption key. +#################################################################################### -## Database connections. -## All deployments need a "labkeyDataSource" as their primary database. +## Primary database configuration +## All deployments need a "labkeyDataSource" as their primary database. context.resources.jdbc.labkeyDataSource.type=javax.sql.DataSource context.resources.jdbc.labkeyDataSource.driverClassName=org.postgresql.Driver context.resources.jdbc.labkeyDataSource.url=jdbc:postgresql://localhost:5432/labkey -context.resources.jdbc.labkeyDataSource.username= -context.resources.jdbc.labkeyDataSource.password= +context.resources.jdbc.labkeyDataSource.username=@@username@@ +context.resources.jdbc.labkeyDataSource.password=@@password@@ context.resources.jdbc.labkeyDataSource.maxTotal=50 context.resources.jdbc.labkeyDataSource.maxIdle=10 context.resources.jdbc.labkeyDataSource.maxWaitMillis=120000 @@ -29,38 +21,51 @@ context.resources.jdbc.labkeyDataSource.validationQuery=SELECT 1 #context.resources.jdbc.labkeyDataSource.logQueries=true #context.resources.jdbc.labkeyDataSource.displayName=Alternate Display Name -## Add additional external data sources with a prefix of context.resources.jdbc.. -## At a minimum, they must include the required properties: driverClassName, url, username, and password -#context.resources.jdbc.extraDataSource.driverClassName=org.postgresql.Driver -#context.resources.jdbc.extraDataSource.url=jdbc:postgresql://localhost:5432/extraDataSource -#context.resources.jdbc.extraDataSource.username= -#context.resources.jdbc.extraDataSource.password= +## Add additional external data sources by using a prefix containing a unique extraDataSourceName. +## i.e. context.resources.jdbc.@@extraDataSourceName@@. +## At a minimum, they must include these required properties: driverClassName, url, username, and password +#context.resources.jdbc.@@extraDataSourceName@@.driverClassName=org.postgresql.Driver +#context.resources.jdbc.@@extraDataSourceName@@.url=jdbc:postgresql://localhost:5432/extraDataSource +#context.resources.jdbc.@@extraDataSourceName@@.username=@@username@@ +#context.resources.jdbc.@@extraDataSourceName@@.password=@@password@@ -context.encryptionKey= -#context.oldEncryptionKey= +context.encryptionKey=@@encryptionKey@@ -## We strongly recommend deploying LabKey at the root context path (e.g. http://localhost:8080) -## You may customize the context path if you wish (e.g. http://localhost:8080/labkey) -#context.contextPath=/labkey +#################################################################################### +## Port and HTTP/HTTPS Settings +#################################################################################### -## Using a legacy context path provides backwards compatibility with old deployments. A typical use case would be to -## deploy to the root context (the default) and configure /labkey as the legacy path. GETs will be redirected. -## All other methods (POSTs, PUTs, etc) will be handled server-side via a servlet forward. -#context.legacyContextPath=/labkey +## Set the primary port. +## Required. If using HTTPS, this will typically be 443 or 8443. +## If using HTTP, this will typically be 80 or 8080 +server.port=8080 -## Other webapps to be deployed, most commonly to deliver a set of static files. The context path to deploy into is the -## property name after the "context.additionalWebapps." prefix, and the value is the location of the webapp on disk -#context.additionalWebapps.firstContextPath=/my/webapp/path -#context.additionalWebapps.secondContextPath=/my/other/webapp/path +## To use HTTPS, update and uncomment the necessary properties below. +## Learn more here: https://www.labkey.org/Documentation/wiki-page.view?name=labkeyssl +#server.ssl.enabled=true +#server.ssl.enabled-protocols=TLSv1.3,TLSv1.2 +#server.ssl.protocol=TLS +#server.ssl.key-alias=tomcat +#server.ssl.key-store=@@keyStore@@ +#server.ssl.key-store-password=@@keyStorePassword@@ +#server.ssl.key-store-type=PKCS12 +#server.ssl.ciphers=HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA:!EDH:!DHE:!DH:!CAMELLIA:!ARIA:!AESCCM:!SHA:!CHACHA20 -## Other properties that were previously defined in 'labkey.xml' -#context.requiredModules= -#context.pipelineConfig=/path/to/pipeline/config/dir -#context.serverGUID= -#context.bypass2FA=true -#context.workDirLocation=/path/to/desired/workDir +## HTTP-only port for servers that need to handle both HTTPS (configure via server.port and server.ssl above) and HTTP +## This must not be the same as the server.port set above. +#context.httpPort=8080 + +## We strongly recommend deploying LabKey at the root context path (e.g. http://localhost:8080) +## If your previous configuration file was named "ROOT.xml", you were already deployed at the root. +## If you previously used a different context path, such as "/labkey" (i.e. with a configuration +## file named "labkey.xml"), set a legacy context path for backwards compatibility. +## Previous URLs, GETs, etc. will be redirected or handled server-side via a servlet forward. +#context.legacyContextPath=/labkey +#################################################################################### ## SMTP configuration +## Learn more here: https://www.labkey.org/Documentation/wiki-page.view?name=SMTPsettings +#################################################################################### mail.smtpHost=localhost mail.smtpPort=25 mail.smtpUser=Anonymous @@ -70,38 +75,13 @@ mail.smtpUser=Anonymous #mail.smtpSocketFactoryClass=@@smtpSocketFactoryClass@@ #mail.smtpAuth=@@smtpAuth@@ -## JMS configuration for remote ActiveMQ message management for distributed pipeline jobs -## https://www.labkey.org/Documentation/wiki-page.view?name=jmsQueue -#context.resources.jms.ConnectionFactory.type=org.apache.activemq.ActiveMQConnectionFactory -#context.resources.jms.ConnectionFactory.factory=org.apache.activemq.jndi.JNDIReferenceFactory -#context.resources.jms.ConnectionFactory.description=JMS Connection Factory -## Use an in-process ActiveMQ queue -#context.resources.jms.ConnectionFactory.brokerURL=vm://localhost?broker.persistent=false&broker.useJmx=false -## Use an out-of-process ActiveMQ queue -#context.resources.jms.ConnectionFactory.brokerURL=tcp://localhost:61616 -#context.resources.jms.ConnectionFactory.brokerName=LocalActiveMQBroker - -## LDAP configuration for LDAP group/user synchronization -## https://www.labkey.org/Documentation/wiki-page.view?name=LDAP_sync -#context.resources.ldap.ConfigFactory.type=org.labkey.premium.ldap.LdapConnectionConfigFactory -#context.resources.ldap.ConfigFactory.factory=org.labkey.premium.ldap.LdapConnectionConfigFactory -#context.resources.ldap.ConfigFactory.host=myldap.mydomain.com -#context.resources.ldap.ConfigFactory.port=389 -#context.resources.ldap.ConfigFactory.principal=cn=read_user -#context.resources.ldap.ConfigFactory.credentials=read_user_password -#context.resources.ldap.ConfigFactory.useTls=false -#context.resources.ldap.ConfigFactory.useSsl=false -#context.resources.ldap.ConfigFactory.sslProtocol=SSLv3 - -## HTTP session timeout for users - defaults to 30 minutes -#server.servlet.session.timeout=30m +#################################################################################### +## Optional properties needed in some situations. +#################################################################################### -## Configure shutdown endpoint. Allows server to be shutdown with a POST to 'localhost:8081/actuator/shutdown' -## This endpoint is insecure and should be used with caution -#management.endpoint.shutdown.enabled=true -#management.endpoints.enabled-by-default=false -#management.endpoints.web.exposure.include=* -#management.server.port=8081 +## HTTP session timeout for users. Leave commented out for the default of 30 minutes. +## Uncomment and set a different value if required. +#server.servlet.session.timeout=30m ## Use a custom logging configuration #logging.config=labkeywebapp/WEB-INF/classes/log4j2.xml @@ -109,3 +89,14 @@ mail.smtpUser=Anonymous ## Enable tomcat access log #server.tomcat.accesslog.enabled=true #server.tomcat.accesslog.pattern=%h %l %u %t "%r" %s %b %D %S %I "%{Referrer}i" "%{User-Agent}i" %{LABKEY.username}s + +#context.requiredModules= +#context.pipelineConfig=@@/path/to/pipeline/config/dir@@ +#context.serverGUID= +#context.bypass2FA=true +#context.workDirLocation=@@/path/to/desired/workDir@@ + +## Other webapps to be deployed, most commonly to deliver a set of static files. The context path to deploy into is the +## property name after the "context.additionalWebapps." prefix, and the value is the location of the webapp on disk +#context.additionalWebapps.firstContextPath=@@/my/webapp/path@@ +#context.additionalWebapps.secondContextPath=@@/my/other/webapp/path@@ diff --git a/server/configs/webapps/embedded/install_service.bat b/server/configs/webapps/embedded/install_service.bat index 3c54bb6f7c..aad0a9ac9c 100644 --- a/server/configs/webapps/embedded/install_service.bat +++ b/server/configs/webapps/embedded/install_service.bat @@ -5,7 +5,7 @@ set JAVA_HOME=%LABKEY_APPS%\java\jdk-17.0.9+9 prunsrv.exe //IS//labkeyServer ^ --DisplayName "LabKey Server - labkeyServer" ^ --Description "LabKey Server Scientific Data Management System" ^ - --Install "%LABKEY_APPS%\prunsrv.exe" ^ + --Install "%LABKEY_HOME%\prunsrv.exe" ^ --LogPath "%LABKEY_HOME%\logs" ^ --StdOutput auto ^ --StdError auto ^ diff --git a/server/configs/webapps/embedded/labkey_server.service b/server/configs/webapps/embedded/labkey_server.service index 427e3c2666..e3f1049f06 100644 --- a/server/configs/webapps/embedded/labkey_server.service +++ b/server/configs/webapps/embedded/labkey_server.service @@ -1,4 +1,8 @@ -# Systemd unit file for labkey_server +# Systemd unit file for labkey_server. +# This default will require customization. Confirm or edit the LABKEY_HOME path. +# You must always edit the ExecStart line to start with the full path to java. +# is shown for clarity, but will not be substituted. +# Learn more here: https://www.labkey.org/Documentation/wiki-page.view?name=serviceFile [Unit] Description=LabKey Server Application @@ -7,16 +11,23 @@ After=syslog.target network.target [Service] Type=simple Environment="JAVA_HOME=/usr/lib/jvm/jdk-17.0.10+7" -Environment="JAVA_PRE_JAR_OPS=-Duser.timezone=America/Los_Angeles -Djava.library.path=/usr/lib/x86_64-linux-gnu -Djava.awt.headless=true -Xms1932M -Xmx1932M -Djava.security.egd=file:/dev/./urandom" -Environment="JAVA_MID_JAR_OPS=-XX:+HeapDumpOnOutOfMemoryError -XX:+UseContainerSupport -XX:HeapDumpPath=/labkey/labkey/labkey-tmp -Djava.net.preferIPv4Stack=true" -Environment="LABKEY_JAR_OPS=-Dlabkey.home=/labkey/labkey -Dlabkey.log.home=/labkey/labkey/logs -Djava.io.tmpdir=/labkey/labkey/labkey-tmp" -Environment="JAVA_LOG_JAR_OPS=-XX:ErrorFile=/labkey/labkey/logs/error_%p.log -Dlog4j.configurationFile=log4j2.xml" -Environment="JAVA_FLAGS_JAR_OPS=-Dorg.apache.catalina.startup.EXIT_ON_INIT_FAILURE=true -DsynchronousStartup=true -DterminateOnStartupFailure=true" +Environment="LABKEY_HOME=/labkey/labkey" +Environment="JAVA_FLAGS_JAR_OPS=-Dorg.apache.catalina.startup.EXIT_ON_INIT_FAILURE=true -DterminateOnStartupFailure=true -Djava.awt.headless=true" Environment="JAVA_REFLECTION_JAR_OPS=--add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED" -WorkingDirectory=/labkey/labkey +WorkingDirectory=$LABKEY_HOME OOMScoreAdjust=-500 -ExecStart=$JAVA_HOME/bin/java $JAVA_PRE_JAR_OPS $JAVA_MID_JAR_OPS $LABKEY_JAR_OPS $JAVA_LOG_JAR_OPS $JAVA_FLAGS_JAR_OPS $JAVA_REFLECTION_JAR_OPS -jar /labkey/labkey/labkeyServer.jar +ExecStart=/bin/java \ + -Xms2G \ + -Xmx2G \ + -XX:+HeapDumpOnOutOfMemoryError \ + -XX:HeapDumpPath=$LABKEY_HOME/labkey-tmp \ + -XX:ErrorFile=/labkey/labkey/logs/error_%p.log \ + -Djava.io.tmpdir=$LABKEY_HOME/labkey-tmp \ + $JAVA_FLAGS_JAR_OPS \ + $JAVA_REFLECTION_JAR_OPS \ + -jar labkeyServer.jar + SuccessExitStatus=0 143 Restart=on-failure RestartSec=15