Untitled

#
# Copyright © 2016-2018 The Thingsboard Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

server:
  # Server bind address
  address: "${HTTP_BIND_ADDRESS:0.0.0.0}"
  # Server bind port
  port: "${HTTP_BIND_PORT:8080}"
  # Server SSL configuration
  ssl:
    # Enable/disable SSL support
    enabled: "${SSL_ENABLED:false}"
    # Path to the key store that holds the SSL certificate
    key-store: "${SSL_KEY_STORE:classpath:keystore/keystore.p12}"
    # Password used to access the key store
    key-store-password: "${SSL_KEY_STORE_PASSWORD:thingsboard}"
    # Type of the key store
    key-store-type: "${SSL_KEY_STORE_TYPE:PKCS12}"
    # Alias that identifies the key in the key store
    key-alias: "${SSL_KEY_ALIAS:tomcat}"

# Zookeeper connection parameters. Used for service discovery.
zk:
  # Enable/disable zookeeper discovery service.
  enabled: "${ZOOKEEPER_ENABLED:false}"
  # Zookeeper connect string
  url: "${ZOOKEEPER_URL:localhost:2181}"
  # Zookeeper retry interval in milliseconds
  retry_interval_ms: "${ZOOKEEPER_RETRY_INTERVAL_MS:3000}"
  # Zookeeper connection timeout in milliseconds
  connection_timeout_ms: "${ZOOKEEPER_CONNECTION_TIMEOUT_MS:3000}"
  # Zookeeper session timeout in milliseconds
  session_timeout_ms: "${ZOOKEEPER_SESSION_TIMEOUT_MS:3000}"
  # Name of the directory in zookeeper 'filesystem'
  zk_dir: "${ZOOKEEPER_NODES_DIR:/thingsboard}"

# RPC connection parameters. Used only in cluster mode only.
rpc:
  bind_host: "${RPC_HOST:localhost}"
  bind_port: "${RPC_PORT:9001}"

# Clustering properties related to consistent-hashing. See architecture docs for more details.
cluster:
  # Name of hash function used for consistent hash ring.
  hash_function_name: "${CLUSTER_HASH_FUNCTION_NAME:murmur3_128}"
  # Amount of virtual nodes in consistent hash ring.
  vitrual_nodes_size: "${CLUSTER_VIRTUAL_NODES_SIZE:16}"
  # Queue partition id for current node
  partition_id: "${QUEUE_PARTITION_ID:0}"

# Plugins configuration parameters
plugins:
  # Comma seperated package list used during classpath scanning for plugins
  scan_packages: "${PLUGINS_SCAN_PACKAGES:org.thingsboard.server.extensions,org.thingsboard.rule.engine}"

# JWT Token parameters
security.jwt:
  tokenExpirationTime: "${JWT_TOKEN_EXPIRATION_TIME:900}" # Number of seconds (15 mins)
  refreshTokenExpTime: "${JWT_REFRESH_TOKEN_EXPIRATION_TIME:3600}" # Seconds (1 hour)
  tokenIssuer: "${JWT_TOKEN_ISSUER:thingsboard.io}"
  tokenSigningKey: "${JWT_TOKEN_SIGNING_KEY:thingsboardDefaultSigningKey}"

# Device communication protocol parameters
http:
  request_timeout: "${HTTP_REQUEST_TIMEOUT:60000}"

# MQTT server parameters
mqtt:
  # Enable/disable mqtt transport protocol.
  enabled: "${MQTT_ENABLED:true}"
  bind_address: "${MQTT_BIND_ADDRESS:0.0.0.0}"
  bind_port: "${MQTT_BIND_PORT:1888}"
  adaptor: "${MQTT_ADAPTOR_NAME:JsonMqttAdaptor}"
  timeout: "${MQTT_TIMEOUT:10000}"
  netty:
    leak_detector_level: "${NETTY_LEASK_DETECTOR_LVL:DISABLED}"
    boss_group_thread_count: "${NETTY_BOSS_GROUP_THREADS:1}"
    worker_group_thread_count: "${NETTY_WORKER_GROUP_THREADS:12}"
    max_payload_size: "${NETTY_MAX_PAYLOAD_SIZE:65536}"
  # MQTT SSL configuration
  ssl:
    # Enable/disable SSL support
    enabled: "${MQTT_SSL_ENABLED:false}"
    # SSL protocol: See http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#SSLContext
    protocol: "${MQTT_SSL_PROTOCOL:TLSv1.2}"
    # Path to the key store that holds the SSL certificate
    key_store: "${MQTT_SSL_KEY_STORE:mqttserver.jks}"
    # Password used to access the key store
    key_store_password: "${MQTT_SSL_KEY_STORE_PASSWORD:server_ks_password}"
    # Password used to access the key
    key_password: "${MQTT_SSL_KEY_PASSWORD:server_key_password}"
    # Type of the key store
    key_store_type: "${MQTT_SSL_KEY_STORE_TYPE:JKS}"

# CoAP server parameters
coap:
  # Enable/disable coap transport protocol.
  enabled: "${COAP_ENABLED:false}"
  bind_address: "${COAP_BIND_ADDRESS:0.0.0.0}"
  bind_port: "${COAP_BIND_PORT:5683}"
  adaptor:  "${COAP_ADAPTOR_NAME:JsonCoapAdaptor}"
  timeout: "${COAP_TIMEOUT:10000}"

#Quota parameters
quota:
  host:
    # Max allowed number of API requests in interval for single host
    limit: "${QUOTA_HOST_LIMIT:10000}"
    # Interval duration
    intervalMs: "${QUOTA_HOST_INTERVAL_MS:60000}"
    # Maximum silence duration for host after which Host removed from QuotaService. Must be bigger than intervalMs
    ttlMs: "${QUOTA_HOST_TTL_MS:60000}"
    # Interval for scheduled task that cleans expired records. TTL is used for expiring
    cleanPeriodMs: "${QUOTA_HOST_CLEAN_PERIOD_MS:300000}"
    # Enable Host API Limits
    enabled: "${QUOTA_HOST_ENABLED:false}"
    # Array of whitelist hosts
    whitelist: "${QUOTA_HOST_WHITELIST:localhost,127.0.0.1}"
    # Array of blacklist hosts
    blacklist: "${QUOTA_HOST_BLACKLIST:}"
    log:
      topSize: 10
      intervalMin: 2
  rule:
    tenant:
      # Max allowed number of API requests in interval for single tenant
      limit: "${QUOTA_TENANT_LIMIT:100000}"
      # Interval duration
      intervalMs: "${QUOTA_TENANT_INTERVAL_MS:60000}"
      # Maximum silence duration for tenant after which Tenant removed from QuotaService. Must be bigger than intervalMs
      ttlMs: "${QUOTA_TENANT_TTL_MS:60000}"
      # Interval for scheduled task that cleans expired records. TTL is used for expiring
      cleanPeriodMs: "${QUOTA_TENANT_CLEAN_PERIOD_MS:300000}"
      # Enable Host API Limits
      enabled: "${QUOTA_TENANT_ENABLED:false}"
      # Array of whitelist tenants
      whitelist: "${QUOTA_TENANT_WHITELIST:}"
      # Array of blacklist tenants
      blacklist: "${QUOTA_HOST_BLACKLIST:}"
      log:
        topSize: 10
        intervalMin: 2

database:
  type: "${DATABASE_TYPE:sql}" # cassandra OR sql

# Cassandra driver configuration parameters
cassandra:
  # Thingsboard cluster name
  cluster_name: "${CASSANDRA_CLUSTER_NAME:Thingsboard Cluster}"
  # Thingsboard keyspace name
  keyspace_name: "${CASSANDRA_KEYSPACE_NAME:thingsboard}"
  # Specify node list
  url: "${CASSANDRA_URL:127.0.0.1:9042}"
  # Enable/disable secure connection
  ssl: "${CASSANDRA_USE_SSL:false}"
  # Enable/disable JMX
  jmx: "${CASSANDRA_USE_JMX:true}"
  # Enable/disable metrics collection.
  metrics: "${CASSANDRA_DISABLE_METRICS:true}"
  # NONE SNAPPY LZ4
  compression: "${CASSANDRA_COMPRESSION:none}"
  # Specify cassandra claster initialization timeout (if no hosts available during startup)
  init_timeout_ms: "${CASSANDRA_CLUSTER_INIT_TIMEOUT_MS:300000}"
  # Specify cassandra claster initialization retry interval (if no hosts available during startup)
  init_retry_interval_ms: "${CASSANDRA_CLUSTER_INIT_RETRY_INTERVAL_MS:3000}"

  # Credential parameters #
  credentials: "${CASSANDRA_USE_CREDENTIALS:false}"
  # Specify your username
  username: "${CASSANDRA_USERNAME:}"
  # Specify your password
  password: "${CASSANDRA_PASSWORD:}"

  # Cassandra cluster connection socket parameters #
  socket:
    connect_timeout: "${CASSANDRA_SOCKET_TIMEOUT:5000}"
    read_timeout: "${CASSANDRA_SOCKET_READ_TIMEOUT:20000}"
    keep_alive: "${CASSANDRA_SOCKET_KEEP_ALIVE:true}"
    reuse_address: "${CASSANDRA_SOCKET_REUSE_ADDRESS:true}"
    so_linger: "${CASSANDRA_SOCKET_SO_LINGER:}"
    tcp_no_delay: "${CASSANDRA_SOCKET_TCP_NO_DELAY:false}"
    receive_buffer_size: "${CASSANDRA_SOCKET_RECEIVE_BUFFER_SIZE:}"
    send_buffer_size: "${CASSANDRA_SOCKET_SEND_BUFFER_SIZE:}"

  # Cassandra cluster connection query parameters  #
  query:
    read_consistency_level: "${CASSANDRA_READ_CONSISTENCY_LEVEL:ONE}"
    write_consistency_level: "${CASSANDRA_WRITE_CONSISTENCY_LEVEL:ONE}"
    default_fetch_size: "${CASSANDRA_DEFAULT_FETCH_SIZE:2000}"
    # Specify partitioning size for timestamp key-value storage. Example MINUTES, HOURS, DAYS, MONTHS
    ts_key_value_partitioning: "${TS_KV_PARTITIONING:MONTHS}"
    ts_key_value_ttl: "${TS_KV_TTL:0}"
    buffer_size: "${CASSANDRA_QUERY_BUFFER_SIZE:200000}"
    concurrent_limit: "${CASSANDRA_QUERY_CONCURRENT_LIMIT:1000}"
    permit_max_wait_time: "${PERMIT_MAX_WAIT_TIME:120000}"
    rate_limit_print_interval_ms: "${CASSANDRA_QUERY_RATE_LIMIT_PRINT_MS:30000}"

  queue:
    msg.ttl: 604800 # 7 days
    ack.ttl: 604800 # 7 days
    partitions.ttl: 604800 # 7 days
    partitioning: "HOURS"

# SQL configuration parameters
sql:
    # Specify executor service type used to perform timeseries insert tasks: SINGLE FIXED CACHED
    ts_inserts_executor_type: "${SQL_TS_INSERTS_EXECUTOR_TYPE:fixed}"
    # Specify thread pool size for FIXED executor service type
    ts_inserts_fixed_thread_pool_size: "${SQL_TS_INSERTS_FIXED_THREAD_POOL_SIZE:10}"

# Actor system parameters
actors:
  tenant:
    create_components_on_init: "${ACTORS_TENANT_CREATE_COMPONENTS_ON_INIT:true}"
  session:
    max_concurrent_sessions_per_device: "${ACTORS_MAX_CONCURRENT_SESSION_PER_DEVICE:1}"
    sync:
      # Default timeout for processing request using synchronous session (HTTP, CoAP) in milliseconds
      timeout: "${ACTORS_SESSION_SYNC_TIMEOUT:10000}"
  rule:
    # Specify thread pool size for database request callbacks executor service
    db_callback_thread_pool_size: "${ACTORS_RULE_DB_CALLBACK_THREAD_POOL_SIZE:1}"
    # Specify thread pool size for javascript executor service
    js_thread_pool_size: "${ACTORS_RULE_JS_THREAD_POOL_SIZE:10}"
    # Specify thread pool size for mail sender executor service
    mail_thread_pool_size: "${ACTORS_RULE_MAIL_THREAD_POOL_SIZE:10}"
    # Whether to allow usage of system mail service for rules
    allow_system_mail_service: "${ACTORS_RULE_ALLOW_SYSTEM_MAIL_SERVICE:true}"
    # Specify thread pool size for external call service
    external_call_thread_pool_size: "${ACTORS_RULE_EXTERNAL_CALL_THREAD_POOL_SIZE:10}"
    js_sandbox:
      # Use Sandboxed (secured) JavaScript environment
      use_js_sandbox: "${ACTORS_RULE_JS_SANDBOX_USE_JS_SANDBOX:true}"
      # Specify thread pool size for JavaScript sandbox resource monitor
      monitor_thread_pool_size: "${ACTORS_RULE_JS_SANDBOX_MONITOR_THREAD_POOL_SIZE:4}"
      # Maximum CPU time in milliseconds allowed for script execution
      max_cpu_time: "${ACTORS_RULE_JS_SANDBOX_MAX_CPU_TIME:100}"
      # Maximum allowed JavaScript execution errors before JavaScript will be blacklisted
      max_errors: "${ACTORS_RULE_JS_SANDBOX_MAX_ERRORS:3}"
    chain:
      # Errors for particular actor are persisted once per specified amount of milliseconds
      error_persist_frequency: "${ACTORS_RULE_CHAIN_ERROR_FREQUENCY:3000}"
    node:
      # Errors for particular actor are persisted once per specified amount of milliseconds
      error_persist_frequency: "${ACTORS_RULE_NODE_ERROR_FREQUENCY:3000}"
    queue:
      # Message queue type
      type: "${ACTORS_RULE_QUEUE_TYPE:memory}"
      # Message queue maximum size (per tenant)
      max_size: "${ACTORS_RULE_QUEUE_MAX_SIZE:100}"
      # Message queue cleanup period in seconds
      cleanup_period: "${ACTORS_RULE_QUEUE_CLEANUP_PERIOD:3600}"
  statistics:
    # Enable/disable actor statistics
    enabled: "${ACTORS_STATISTICS_ENABLED:true}"
    persist_frequency: "${ACTORS_STATISTICS_PERSIST_FREQUENCY:3600000}"
  queue:
    # Enable/disable persistence of un-processed messages to the queue
    enabled: "${ACTORS_QUEUE_ENABLED:true}"
    # Maximum allowed timeout for persistence into the queue
    timeout: "${ACTORS_QUEUE_PERSISTENCE_TIMEOUT:30000}"
  client_side_rpc:
    timeout:  "${CLIENT_SIDE_RPC_TIMEOUT:60000}"

cache:
  # caffeine or redis
  type: "${CACHE_TYPE:caffeine}"

caffeine:
  specs:
    relations:
      timeToLiveInMinutes: 1440
      maxSize: 100000
    deviceCredentials:
      timeToLiveInMinutes: 1440
      maxSize: 100000
    devices:
      timeToLiveInMinutes: 1440
      maxSize: 100000

redis:
  # standalone or cluster
  connection:
    type: standalone
    host: "${REDIS_HOST:localhost}"
    port: "${REDIS_PORT:6379}"
    db: "${REDIS_DB:0}"
    password: "${REDIS_PASSWORD:}"

# Check new version updates parameters
updates:
  # Enable/disable updates checking.
  enabled: "${UPDATES_ENABLED:true}"

# spring CORS configuration
spring.mvc.cors:
   mappings:
     # Intercept path
      "/api/auth/**":
         #Comma-separated list of origins to allow. '*' allows all origins. When not set,CORS support is disabled.
         allowed-origins: "*"
         #Comma-separated list of methods to allow. '*' allows all methods.
         allowed-methods: "POST,GET,OPTIONS"
         #Comma-separated list of headers to allow in a request. '*' allows all headers.
         allowed-headers: "*"
         #How long, in seconds, the response from a pre-flight request can be cached by clients.
         max-age: "1800"
         #Set whether credentials are supported. When not set, credentials are not supported.
         allow-credentials: "true"
      "/api/v1/**":
         allowed-origins: "*"
         allowed-methods: "*"
         allowed-headers: "*"
         max-age: "1800"
         allow-credentials: "true"

# spring serve gzip compressed static resources
spring.resources.chain:
  gzipped: "true"
  strategy:
    content:
      enabled: "true"

# HSQLDB DAO Configuration
#spring:
#  data:
#    jpa:
#      repositories:
#        enabled: "true"
#  jpa:
#    hibernate:
#      ddl-auto: "validate"
#    database-platform: "${SPRING_JPA_DATABASE_PLATFORM:org.hibernate.dialect.HSQLDialect}"
#  datasource:
#    driverClassName: "${SPRING_DRIVER_CLASS_NAME:org.hsqldb.jdbc.JDBCDriver}"
#    url: "${SPRING_DATASOURCE_URL:jdbc:hsqldb:file:${SQL_DATA_FOLDER:/tmp}/thingsboardDb;sql.enforce_size=false;hsqldb.log_size=5}"
#   username: "${SPRING_DATASOURCE_USERNAME:sa}"
#    password: "${SPRING_DATASOURCE_PASSWORD:}"

# PostgreSQL DAO Configuration
spring:
  data:
    sql:
      repositories:
        enabled: "true"
  sql:
    hibernate:
      ddl-auto: "validate"
    database-platform: "${SPRING_JPA_DATABASE_PLATFORM:org.hibernate.dialect.PostgreSQLDialect}"
  datasource:
    driverClassName: "${SPRING_DRIVER_CLASS_NAME:org.postgresql.Driver}"
    url: "${SPRING_DATASOURCE_URL:jdbc:postgresql://localhost:5432/thingsboard}"
    username: "${SPRING_DATASOURCE_USERNAME:postgres}"
    password: "${SPRING_DATASOURCE_PASSWORD:######################}"

# Audit log parameters
audit_log:
  # Enable/disable audit log functionality.
  enabled: "${AUDIT_LOG_ENABLED:true}"
  # Specify partitioning size for audit log by tenant id storage. Example MINUTES, HOURS, DAYS, MONTHS
  by_tenant_partitioning: "${AUDIT_LOG_BY_TENANT_PARTITIONING:MONTHS}"
  # Number of days as history period if startTime and endTime are not specified
  default_query_period: "${AUDIT_LOG_DEFAULT_QUERY_PERIOD:30}"
  # Logging levels per each entity type.
  # Allowed values: OFF (disable), W (log write operations), RW (log read and write operations)
  logging_level:
    mask:
      "device": "${AUDIT_LOG_MASK_DEVICE:W}"
      "asset": "${AUDIT_LOG_MASK_ASSET:W}"
      "dashboard": "${AUDIT_LOG_MASK_DASHBOARD:W}"
      "customer": "${AUDIT_LOG_MASK_CUSTOMER:W}"
      "user": "${AUDIT_LOG_MASK_USER:W}"
      "rule_chain": "${AUDIT_LOG_MASK_RULE_CHAIN:W}"
      "alarm": "${AUDIT_LOG_MASK_ALARM:W}"
  sink:
    # Type of external sink. possible options: none, elasticsearch
    type: "${AUDIT_LOG_SINK_TYPE:none}"
    # Name of the index where audit logs stored
    # Index name could contain next placeholders (not mandatory):
    # @{TENANT} - substituted by tenant ID
    # @{DATE} - substituted by current date in format provided in audit_log.sink.date_format
    index_pattern: "${AUDIT_LOG_SINK_INDEX_PATTERN:@{TENANT}_AUDIT_LOG_@{DATE}}"
    # Date format. Details of the pattern could be found here:
    # https://docs.oracle.com/javase/8/docs/api/java/time/format/DateTimeFormatter.html
    date_format: "${AUDIT_LOG_SINK_DATE_FORMAT:YYYY.MM.DD}"
    scheme_name: "${AUDIT_LOG_SINK_SCHEME_NAME:http}" # http or https
    host: "${AUDIT_LOG_SINK_HOST:localhost}"
    port: "${AUDIT_LOG_SINK_POST:9200}"
    user_name: "${AUDIT_LOG_SINK_USER_NAME:}"
    password: "${AUDIT_LOG_SINK_PASSWORD:}"

state:
  defaultInactivityTimeoutInSec: 10
  defaultStateCheckIntervalInSec: 10
# TODO in v2.1
#  defaultStatePersistenceIntervalInSec: 60
#  defaultStatePersistencePack: 100