Update embedded distribution files to improve clarity and relevance

server/configs/webapps/embedded/config/application.properties

@@ -1,26 +1,18 @@
-server.port=8080
+## Configure your application using the properties below. Not all properties are needed.
+##   Uncomment lines to activate them. Substitute values shown with @@ markers.
+##   Learn more here: https://www.labkey.org/Documentation/wiki-page.view?name=applicationProperties
 
-## To use ssl, update the properties below for your local installation
-#server.ssl.enabled=true
-#server.ssl.enabled-protocols=TLSv1.3,TLSv1.2,TLSv1.1
-#server.ssl.protocol=TLS
-#server.ssl.key-alias=tomcat
-#server.ssl.key-store=@@keyStore@@
-#server.ssl.key-store-password=@@keyStorePassword@@
-## Typically either PKCS12 or JKS
-#server.ssl.key-store-type=PKCS12
-#server.ssl.ciphers=HIGH:!ADH:!EXP:!SSLv2:!SSLv3:!MEDIUM:!LOW:!NULL:!aNULL
+####################################################################################
+## Database connections and encryption key.
+####################################################################################
 
-## HTTP-only port for servers that need to handle both HTTPS (configure via server.port and server.ssl above) and HTTP
-#context.httpPort=8080
-
-## Database connections.
-## All deployments need a "labkeyDataSource" as their primary database.
+## Primary database configuration
+##   All deployments need a "labkeyDataSource" as their primary database.
 context.resources.jdbc.labkeyDataSource.type=javax.sql.DataSource
 context.resources.jdbc.labkeyDataSource.driverClassName=org.postgresql.Driver
 context.resources.jdbc.labkeyDataSource.url=jdbc:postgresql://localhost:5432/labkey
-context.resources.jdbc.labkeyDataSource.username=<username>
-context.resources.jdbc.labkeyDataSource.password=<password>
+context.resources.jdbc.labkeyDataSource.username=@@username@@
+context.resources.jdbc.labkeyDataSource.password=@@password@@
 context.resources.jdbc.labkeyDataSource.maxTotal=50
 context.resources.jdbc.labkeyDataSource.maxIdle=10
 context.resources.jdbc.labkeyDataSource.maxWaitMillis=120000
@@ -29,38 +21,55 @@ context.resources.jdbc.labkeyDataSource.validationQuery=SELECT 1
 #context.resources.jdbc.labkeyDataSource.logQueries=true
 #context.resources.jdbc.labkeyDataSource.displayName=Alternate Display Name
 
-## Add additional external data sources with a prefix of context.resources.jdbc.<dataSourceName>.
-## At a minimum, they must include the required properties: driverClassName, url, username, and password
-#context.resources.jdbc.extraDataSource.driverClassName=org.postgresql.Driver
-#context.resources.jdbc.extraDataSource.url=jdbc:postgresql://localhost:5432/extraDataSource
-#context.resources.jdbc.extraDataSource.username=<username>
-#context.resources.jdbc.extraDataSource.password=<password>
+## Add additional external data sources by using a prefix containing a unique extraDataSourceName.
+##   i.e. context.resources.jdbc.@@extraDataSourceName@@.<necessary property names>
+##   At a minimum, they must include these required properties: driverClassName, url, username, and password
+#context.resources.jdbc.@@extraDataSourceName@@.driverClassName=org.postgresql.Driver
+#context.resources.jdbc.@@extraDataSourceName@@.url=jdbc:postgresql://localhost:5432/extraDataSource
+#context.resources.jdbc.@@extraDataSourceName@@.username=@@username@@
+#context.resources.jdbc.@@extraDataSourceName@@.password=@@password@@
 
-context.encryptionKey=<encryptionKey>
-#context.oldEncryptionKey=
+context.encryptionKey=@@encryptionKey@@
 
-## We strongly recommend deploying LabKey at the root context path (e.g. http://localhost:8080)
-## You may customize the context path if you wish (e.g. http://localhost:8080/labkey)
-#context.contextPath=/labkey
+####################################################################################
+## Port and HTTP/HTTPS Settings
+####################################################################################
 
-## Using a legacy context path provides backwards compatibility with old deployments. A typical use case would be to
-## deploy to the root context (the default) and configure /labkey as the legacy path. GETs will be redirected.
-## All other methods (POSTs, PUTs, etc) will be handled server-side via a servlet forward.
-#context.legacyContextPath=/labkey
+## Set the primary port.
+##   Required. If using HTTPS, this will typically be 443 or 8443.
+##   If using HTTP, this will typically be 80 or 8080
+server.port=8080
 
-## Other webapps to be deployed, most commonly to deliver a set of static files. The context path to deploy into is the
-## property name after the "context.additionalWebapps." prefix, and the value is the location of the webapp on disk
-#context.additionalWebapps.firstContextPath=/my/webapp/path
-#context.additionalWebapps.secondContextPath=/my/other/webapp/path
+## To use HTTPS, update and uncomment the necessary properties below.
+##   Learn more here: https://www.labkey.org/Documentation/wiki-page.view?name=labkeyssl
+#server.ssl.enabled=true
+#server.ssl.enabled-protocols=TLSv1.3,TLSv1.2
+#server.ssl.protocol=TLS
+#server.ssl.key-alias=tomcat
+#server.ssl.key-store=@@keyStore@@
+#server.ssl.key-store-password=@@keyStorePassword@@
+#server.ssl.key-store-type=PKCS12
+#server.ssl.ciphers=HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA:!EDH:!DHE:!DH:!CAMELLIA:!ARIA:!AESCCM:!SHA:!CHACHA20
 
-## Other properties that were previously defined in 'labkey.xml'
-#context.requiredModules=
-#context.pipelineConfig=/path/to/pipeline/config/dir
-#context.serverGUID=
-#context.bypass2FA=true
-#context.workDirLocation=/path/to/desired/workDir
+## HTTP-only port for servers that need to handle both HTTPS (configure via server.port and server.ssl above) and HTTP
+##   This must not be the same as the server.port set above.
+#context.httpPort=8080
+
+## We strongly recommend deploying LabKey at the root context path (e.g. http://localhost:8080)
+## If your previous configuration file was named "ROOT.xml", you were already deployed at the root.
+## If you previously used a different context path, such as "/labkey" (i.e. with a configuration
+## file named "labkey.xml"), set a legacy context path for backwards compatibility.
+## Previous URLs, GETs, etc. will be redirected or handled server-side via a servlet forward.
+#context.legacyContextPath=/labkey
+
+## We do not recommend deploying to a non-root context path (e.g. http://localhost:8080/labkey)
+## If you do set this property, do not set a legacyContextPath.
+#context.contextPath=/labkey
 
+####################################################################################
 ## SMTP configuration
+## Learn more here: https://www.labkey.org/Documentation/wiki-page.view?name=SMTPsettings
+####################################################################################
 mail.smtpHost=localhost
 mail.smtpPort=25
 mail.smtpUser=Anonymous
@@ -70,42 +79,28 @@ mail.smtpUser=Anonymous
 #mail.smtpSocketFactoryClass=@@smtpSocketFactoryClass@@
 #mail.smtpAuth=@@smtpAuth@@
 
-## JMS configuration for remote ActiveMQ message management for distributed pipeline jobs
-## https://www.labkey.org/Documentation/wiki-page.view?name=jmsQueue
-#context.resources.jms.ConnectionFactory.type=org.apache.activemq.ActiveMQConnectionFactory
-#context.resources.jms.ConnectionFactory.factory=org.apache.activemq.jndi.JNDIReferenceFactory
-#context.resources.jms.ConnectionFactory.description=JMS Connection Factory
-## Use an in-process ActiveMQ queue
-#context.resources.jms.ConnectionFactory.brokerURL=vm://localhost?broker.persistent=false&broker.useJmx=false
-## Use an out-of-process ActiveMQ queue
-#context.resources.jms.ConnectionFactory.brokerURL=tcp://localhost:61616
-#context.resources.jms.ConnectionFactory.brokerName=LocalActiveMQBroker
-
-## LDAP configuration for LDAP group/user synchronization
-## https://www.labkey.org/Documentation/wiki-page.view?name=LDAP_sync
-#context.resources.ldap.ConfigFactory.type=org.labkey.premium.ldap.LdapConnectionConfigFactory
-#context.resources.ldap.ConfigFactory.factory=org.labkey.premium.ldap.LdapConnectionConfigFactory
-#context.resources.ldap.ConfigFactory.host=myldap.mydomain.com
-#context.resources.ldap.ConfigFactory.port=389
-#context.resources.ldap.ConfigFactory.principal=cn=read_user
-#context.resources.ldap.ConfigFactory.credentials=read_user_password
-#context.resources.ldap.ConfigFactory.useTls=false
-#context.resources.ldap.ConfigFactory.useSsl=false
-#context.resources.ldap.ConfigFactory.sslProtocol=SSLv3
-
-## HTTP session timeout for users - defaults to 30 minutes
-#server.servlet.session.timeout=30m
+####################################################################################
+## Optional properties needed in some situations.
+####################################################################################
 
-## Configure shutdown endpoint. Allows server to be shutdown with a POST to 'localhost:8081/actuator/shutdown'
-## This endpoint is insecure and should be used with caution
-#management.endpoint.shutdown.enabled=true
-#management.endpoints.enabled-by-default=false
-#management.endpoints.web.exposure.include=*
-#management.server.port=8081
+## HTTP session timeout for users. Leave commented out for the default of 30 minutes.
+## Uncomment and set a different value if required.
+#server.servlet.session.timeout=30m
 
 ## Use a custom logging configuration
 #logging.config=labkeywebapp/WEB-INF/classes/log4j2.xml
 
 ## Enable tomcat access log
 #server.tomcat.accesslog.enabled=true
 #server.tomcat.accesslog.pattern=%h %l %u %t "%r" %s %b %D %S %I "%{Referrer}i" "%{User-Agent}i" %{LABKEY.username}s
+
+#context.requiredModules=
+#context.pipelineConfig=@@/path/to/pipeline/config/dir@@
+#context.serverGUID=
+#context.bypass2FA=true
+#context.workDirLocation=@@/path/to/desired/workDir@@
+
+## Other webapps to be deployed, most commonly to deliver a set of static files. The context path to deploy into is the
+## property name after the "context.additionalWebapps." prefix, and the value is the location of the webapp on disk
+#context.additionalWebapps.firstContextPath=@@/my/webapp/path@@
+#context.additionalWebapps.secondContextPath=@@/my/other/webapp/path@@

server/configs/webapps/embedded/install_service.bat

@@ -5,7 +5,7 @@ set JAVA_HOME=%LABKEY_APPS%\java\jdk-17.0.9+9
 prunsrv.exe //IS//labkeyServer ^
     --DisplayName "LabKey Server - labkeyServer" ^
     --Description "LabKey Server Scientific Data Management System" ^
-    --Install "%LABKEY_APPS%\prunsrv.exe" ^
+    --Install "%LABKEY_HOME%\prunsrv.exe" ^
     --LogPath "%LABKEY_HOME%\logs" ^
     --StdOutput auto ^
     --StdError auto ^

server/configs/webapps/embedded/labkey_server.service

@@ -1,4 +1,8 @@
-# Systemd unit file for labkey_server
+# Systemd unit file for labkey_server.
+# This default will require customization. Confirm or edit the LABKEY_HOME path.
+# You must always edit the ExecStart line to start with the full path to java.
+# <JAVA_HOME> is shown for clarity, but will not be substituted.
+# Learn more here: https://www.labkey.org/Documentation/wiki-page.view?name=serviceFile
 
 [Unit]
 Description=LabKey Server Application
@@ -7,16 +11,22 @@ After=syslog.target network.target
 [Service]
 Type=simple
 Environment="JAVA_HOME=/usr/lib/jvm/jdk-17.0.10+7"
-Environment="JAVA_PRE_JAR_OPS=-Duser.timezone=America/Los_Angeles -Djava.library.path=/usr/lib/x86_64-linux-gnu -Djava.awt.headless=true -Xms1932M -Xmx1932M -Djava.security.egd=file:/dev/./urandom"
-Environment="JAVA_MID_JAR_OPS=-XX:+HeapDumpOnOutOfMemoryError -XX:+UseContainerSupport -XX:HeapDumpPath=/labkey/labkey/labkey-tmp -Djava.net.preferIPv4Stack=true"
-Environment="LABKEY_JAR_OPS=-Dlabkey.home=/labkey/labkey -Dlabkey.log.home=/labkey/labkey/logs -Djava.io.tmpdir=/labkey/labkey/labkey-tmp"
-Environment="JAVA_LOG_JAR_OPS=-XX:ErrorFile=/labkey/labkey/logs/error_%p.log -Dlog4j.configurationFile=log4j2.xml"
-Environment="JAVA_FLAGS_JAR_OPS=-Dorg.apache.catalina.startup.EXIT_ON_INIT_FAILURE=true -DsynchronousStartup=true -DterminateOnStartupFailure=true"
+Environment="LABKEY_HOME=/labkey/labkey"
+Environment="JAVA_FLAGS_JAR_OPS=-Dorg.apache.catalina.startup.EXIT_ON_INIT_FAILURE=true -DterminateOnStartupFailure=true -Djava.awt.headless=true"
 Environment="JAVA_REFLECTION_JAR_OPS=--add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED"
-WorkingDirectory=/labkey/labkey
+WorkingDirectory=$LABKEY_HOME
 OOMScoreAdjust=-500
 
-ExecStart=$JAVA_HOME/bin/java $JAVA_PRE_JAR_OPS $JAVA_MID_JAR_OPS $LABKEY_JAR_OPS $JAVA_LOG_JAR_OPS $JAVA_FLAGS_JAR_OPS $JAVA_REFLECTION_JAR_OPS -jar /labkey/labkey/labkeyServer.jar
+ExecStart=<JAVA_HOME>/bin/java \
+    -Xms2G \
+    -Xmx2G \
+    -XX:+HeapDumpOnOutOfMemoryError \
+    -XX:ErrorFile=/labkey/labkey/logs/error_%p.log \
+    -Djava.io.tmpdir=$LABKEY_HOME/labkey-tmp \
+    $JAVA_FLAGS_JAR_OPS \
+    $JAVA_REFLECTION_JAR_OPS \
+    -jar labkeyServer.jar
+
 SuccessExitStatus=0 143
 Restart=on-failure
 RestartSec=15