Installing D1 component

This page describes how to install D1 on a prepared server.

You install D1 by using a provided .zip archive which contains all tools and resources necessary for a local installation. Having installed and started the Conversion Service, you can follow this procedure to install D1. When you finish this procedure, you can start using Document.One system.

Before you begin

• Install Conversion Service as it is described in Installing Conversion Service.
• Prepare a server for installation of D1 component as it is described in Preparing for installation.
• Prepare files necessary for installation and configuration of D1. See Prepare files necessary for installation.
• Obtain the following database connection details: db URL, host, port, and user credentials.
• Set up JAVA environment variables. See Setting up JAVA environment variables.
• Create the SSL keystore password if you plan to enable HTTPS connection for D1. For details, see Generating SSL keystore.
• Prepare a file with encrypted passwords. See Encrypting system passwords.

note

The installation process is almost the same as for the Conversion Service. The difference is that now you will not have to enter the Conversion database data in the configuration file, because you have already set it up with the Conversion Service. Instead, you will simply link to the Conversion Service from runtime properties.

Installation process overview

To install the D1, you must perform the following steps:

1. D1 the mandatory settings in the installation-settings.yaml.
2. D1 advanced settings in the installation-setting.yaml. This step is optional.
3. Install D1.
4. Run health checks to test your installation.

Task 1: Configure mandatory settings

Open the installation-settings.yaml file in a text editor of your choice, and edit the following sections:

Section / Required parameters	Description	Notes
Installation Path: installationPath See Installation path configuration file reference.	You can either use the default path or set another value for the installation directory of your choice. All relative paths used in the configuration file are resolved from the installation directory.	If you set other than the default value, you need to provide an absolute path in the configuration file.
Ports: httpsPort httpPort ajpPort serverPort See Ports configuration file reference.	Ports determine the URL under which D1 is available when installed. For example, http://hostname:8080 or https://hostname:8443. You can use the default ports, or adjust port values as required.	If you are installing D1 and Conversion Service on the same server, you must set unique values for each port.It means that all ports values for D1 must be different from the ones specified in the Conversion Service configuration file. This note is also applicable to the AMQ_SERVER_PORT parameter value.
Admin User: name password See Admin user configuration file reference.	In this section, you need to enter the credentials of the admin user.	You must encrypt the password of the admin user before entering it into the password field.
System Database: driver url user password See System database configuration file reference.	You need to put the information describing your system database into the properties found under the connectionDescriptor section. driver value depends on the database type: For PostgreSQL - org.postgresql.Driver(default) For Oracle - oracle.jdbc.OracleDriver For Oracle 8i - oracle.jdbc.driver.OracleDriver For MSSQL - com.microsoft.sqlserver.jdbc.SQLServerDriver MSSQL JTDS - net.sourceforge.jtds.jdbc.Driver For MYSQL - com.mysql.jdbc.Driver DB2 - com.ibm.db2.jdbc.net.DB2Driver url also depends on the database type. Use the syntax explained in the example section. PostgreSQL url Format: jdbc:postgresql://hostname:port/databaseName Example: jdbc:postgresql://localhost:5432/system-db Parameters description: hostname - actual name (for example, localhost) port - database port (for example, 5432) databaseName - the name of the database (for example, system-db) Oracle with service name url Format: jdbc:oracle:thin@hostname:port/serviceName Example: jdbc:oracle:thin@localhost:5432/system-db Parameters description: hostname - actual name (for example, localhost) port - database port (for example, 5432) serviceName - the database service name TNS alias (for example, system-db) Oracle with SID url Format: jdbc:oracle:thin@hostname:port:SID Example: jdbc:oracle:thin@localhost:5432:system-db Parameters description: hostname - actual name (for example, localhost) port - database port (for example, 5432) SID - the database ID (for example, system-db) MSSQL url Format: jdbc:sqlserver://hostname:port;databaseName Example: jdbc:sqlserver://localhost:5432;system-db Parameters description: hostname - actual name (for example, localhost) port - database port (for example, 5432) databaseName - the name of the database (for example, system-db) MYSQL url Format: jdbc:mysql://host:port/databaseName Example: jdbc:mysql://localhost:5432/system-db Parameters description: hostname - actual name (for example, localhost) port - database port (for example, 5432) databaseName - the name of the database (for example, system-db) DB2 url Format: jdbc:db2://hostname:port/databaseName Example: jdbc:db2://localhost:5432/system-db Parameters description: hostname - actual name (for example, localhost) port - database port (for example, 5432) databaseName - the name of the database (for example, system-db) For user enter the user name with access to the database. For password enter the encrypted password of the database user.	The remaining properties in the configuration section must be left with the default values. You must encrypt the password of the admin user before entering it into the password field.
Runtime Properties - Platform Settings: TRIBEFIRE_PUBLIC_SERVICES_URL See Platform settings configuration file reference.	In this section, you must set the URL (https://[PUBLIC_HOST]:[PUBLIC_PORT]/tribefire-services) on which the service can be reached. When D1 is installed on a local machine, the URL would be something like https://localhost:8080/tribefire-services. If you are installing D1 in a cluster (Deployment use case 3), you must configure the following details: In the TRIBEFIRE_PUBLIC_SERVICES_URL field, specify the URL of the load balancer. Set the TRIBEFIRE_IS_CLUSTERED parameter to true. Add this host to the list of hosts in the AMQ_CLUSTER_NODES. See Runtime Properties - ActiveMQ Settings.	TRIBEFIRE_PUBLIC_SERVICES_URL must be reachable from the outside. Make sure it is not blocked by a firewall.
Runtime Properties - Conversion Settings: ADX_DEFAULT_REMOTE_CONVERSION_TFS_URL ADX_DEFAULT_REMOTE_CONVERSION_CONVERSION_USERNAME ADX_DEFAULT_REMOTE_CONVERSION_PASSWORD See Conversion settings configuration file reference. See Advanced settings for Conversion Service runtime.	You can fully skip this section if you have D1 and Conversion Service installed on the same server (Deployment use case 1). For the other deployment scenarios, you need to adjust the configuration as required. For the ADX_DEFAULT_REMOTE_CONVERSION_TFS_URL property, specify the hostname and port of the Conversion Service. If you have multiple Conversion Service servers deployed in a cluster, provide the URL of the load balancer. For the ADX_DEFAULT_REMOTE_CONVERSION_CONVERSION_USERNAME property, specify the user name of the Conversion Service. Typically, it is the default user set during Conversion Service installation set in the CONV_STANDARD_USER_NAME field. For the ADX_DEFAULT_REMOTE_CONVERSION_ property, enter the encrypted password of the Conversion Service user.	ADX_DEFAULT_REMOTE_CONVERSION_TFS_URL must be reachable from the outside. Make sure it is not blocked by a firewall.

When you have completed configuring the mandatory settings in your configuration file, you can optionally configure advanced settings described in Task 2 section. If you do not need to configure advanced settings, you can skip this step and proceed with Task 3.

Don't forget

Save changes when you are done configuring the file.

Task 2: Configure advanced settings

If you are installing a production system (deployment use case 3) or a Dev/Test environment (deployment use case 2), we recommend that you configure the advanced settings.

If you installing a sandbox environment (deployment 1 use case), then configuring advanced settings can be skipped.

note

Leaving the advanced settings to their default values will not prevent you from installing and running the D1.

Section / Parameters	Description	Notes
HTTPS/SSL: enforceHttps sslKeystoreFile path See HTTPS/ SSL configuration file reference.	HTTPS/SSL settings control how the D1 should be accessed once installed. Enable the following configuration: Set enforceHttps to true. If you plan to use the default keystore, then skip the rest of the steps. The rest of the configuration is needed only if you want to use the self-signed keystore. Uncomment the sslKeystoreFile, sslKeystorePassword and path parameters. For the path parameter, specify the path of the keystore file that you created earlier. For the sslKeystorePassword property, enter the encrypted password value that you have prepared earlier. That is it - you have now configured HTTPS access for D1. When installed with those setting, it will redirect to HTTPS, using the keystore that you generated.	If you do not need HTTPS access, you can skip this section entirely.
HTTP Security: trustedDomain See HTTP Security configuration file reference.	You can edit the trustedDomain value to restrict access to this server from other domains.	By default, cross-domain access is permitted for all hosts. Leave this configuration unchanged if you want to enable the default behavior.
Resources: maxConnections maxThreads See Resources configuration file reference.	Unless instructed otherwise, you can simply use the default JVM values.	N/a
Logging: logFilesDir consoleLogLevel logFilesLogLevel logFilesMaxSize logFilesCronRotate logFilesMaxCount See Logging configuration file reference.	In this section, you need to provide the directory for the log files. Use the default settings unless there is no specific need to change the default values.	N/a
Temporary Files: tempDir See Temporary files configuration file reference.	In this section, you set the directory for the temporary files. Use the default settings unless there is no specific need to change the default values.	N/a
ActiveMQ Settings: name hostAddress See ActiveMQ settings configuration file reference.	Each node provides embedded ActiveMQ communication. Leave the predefined configuration unchanged. You need to change the hostAddress value accordingly only if you change ActiveMQ runtime properties.	N/a
System Database - connection pools See Connection pools settings configuration file reference.	In this section, you can configure connection pools for various system databases. As stated by the configuration file comments, you do not need to change these properties unless instructed otherwise.	N/a
Project Settings: name displayName See Project settings configuration file reference.	projectDescriptor available in this section defines the name and the displayed name of the Tomcat service. You do not need to change these settings unless instructed otherwise.	N/a
Tomcat Service user See Tomcat settings configuration file reference.	tomcatServiceDescriptor available in this section defines the name of the service user when you run the application as a Tomcat service. You do not need to change these settings unless instructed otherwise.	N/a
Runtime Properties - Platform Settings: TRIBEFIRE_PUBLIC_SERVICES_URL TRIBEFIRE_IS_CLUSTERED See the following configuration file references: Basic settings for the platform runtime Advanced settings for the platform runtime	D1 is powered by the Tribefire platform, configured via the platform settings. TRIBEFIRE_PUBLIC_SERVICES_URL provides the URL on which this service can be reached. If you have clustered deployment, set this parameter to the URL of the load balancer. TRIBEFIRE_IS_CLUSTERED must be set to true if this node is a part of a cluster.	TRIBEFIRE_PUBLIC_SERVICES_URL must be reachable from the outside. Make sure it is not blocked by the firewall. In a case of the clustered deployment, you must also add the node URL to the list of hosts in the AMQ_CLUSTER_NODES. For details, see ActiveMQ settings.
Runtime Properties - ActiveMQ settings: AMQ_CLUSTER_NODES See the following configuration file references: Basic settings for ActiveMQ runtime Advanced settings for ActiveMQ runtime	Enter a full list of D1 nodes in the AMQ_CLUSTER_NODES field. Optionally, you can also set up the multicast communication.	If you change the host or port, you also need to adapt the host address in the ActiveMQ settings.
Runtime Properties - Repository settings Basic settings for D1 repositories Advanced settings for D1 repositories	In this part of the configuration file, you specify a number of the default properties related to D1 standard, CMIS, and Documentum repositories (and their cache configuration). If you add these settings now (which is not mandatory, but strongly recommended), your newly created repositories will have those default properties, and you will not have to add them manually in D1. You can initialize repositories based on your default values upon installation. To do so, set ADX_INIT_DEFAULT_REPOSITORY to true, and D1 will be installed with the initial repositories based on your settings.	If you set defaults on any repository (Standard, CMIS or Documentum), you also need to set cache repository defaults. When using Oracle as the repository database, you can only initialize a repository using the SID. You can leave the other properties as is, unless instructed otherwise.
Runtime Properties - Job retry settings See Job retry settings configuration file reference.	In this part of the configuration file, you can override the default retry mechanism settings. If you do not change the settings, retries will run based on the default settings.	N/a

Don't forget

Save changes when you are done configuring the file.

Task 3: Install D1

When you have completed setting up configuration in the installation-settings.yaml file, you can install D1.

1. Go to the directory where you unzipped the installation package.

2. Open the terminal and run the following command:

   On Windows	On Linux	Notes
   ./install.bat	./install.sh	This command does not need to be adapted, provided that you prepared the installation-setting.yaml and environment.sh as described in Setting up JAVA environment variables. If you have not prepared the environment.sh script, then you need to adapt the command with the corresponding paths and/or names. For example: /install.sh --settings /path/to/installation-settings.yaml --environment /path/to/environment.sh.

   D1 is to be installed in the directory specified in the configuration file.

3. Start the service as follows:

   a. From the installation directory, go to the tribefire/runtime/host/bin.

   b. Run the following command:

   On Windows	On Linux	Notes
   ./tribefire-console-start.bat	./tribefire-console-start.sh	Alternatively, you can start the server as a Linux service.

4. When D1 starts, verify that it is accessible. In a browser window enter the URL that you set for the TRIBEFIRE_PUBLIC_SERVICES_URLparameter (for example, http://localhost:8080).

Troubleshooting note

If the installation fails, please quote the full version of the package (including the -p suffix if it is in your package name) to the support team.

Task 4: Run D1 health checks

Perform the following steps to verify that D1 is accessible and the server is responding:

1. In the folder where you unzipped the deployment package, open the terminal and run one of the following commands:

   note

   Change the command accordingly so that it is referring to your server, port, and transfer protocol (http/https).

   On Linux	On Windows	Note
   ./check-health.sh --url http://localhost:8080	./check-health.bat --url http://localhost:8080
   ./check-health.sh --url http://localhost:8080 --environment ../environment.sh	./check-health.bat --url http://localhost:8080 --environment ../environment.bat	If you saved your environment variables script in a directory different from the installation directory, you need to reference the environment variable to run the health check.

   When the health check completes (it may take a few minutes), there are two possible outcomes:

   • Successfully completed health check. Deployed services are available.
   • Health check failed! For more information see health-check-result.json and/or run health check directly via http://localhost:8080/tribefire-services/health.

2. If the health checks failed, check the logs. If you used the default configuration settings (logFilesDir: property in the logging section), logs are saved in the /runtime/host/logs directory of your installation package folder.

3. Log in to D1 by using the URL and admin user credentials specified in the installation-settings.yaml file.

4. Run a connection health check on the repository: Click Health in the bottom menu, and then select Connection Check. The resulting report should be all green.

5. Synchronize the repository: Click Synchronize in the bottom menu.

6. Activate the repository: Click Activate in the bottom menu. This action enables the Content Access and brings all endpoints online.

7. Run a deep health check on the repository: Click Health in the bottom menu, and then select Deep Check. The resulting report should be all green. If the report is OK, you can now start using D1.

D1 configuration file reference

Installation path

# ** Installation Path **
# The directory where the application will be installed. Note that files from previous installations may be overridden.
# Note that there are other (relative) paths specified in this file, which will be resolved relative to this installation path.
# For example, if path is '/opt/braintribe/adx/tribefire', the (default) log files directory is '/opt/braintribe/adx/logs'.
installationPath: '/opt/braintribe/adx/tribefire'

Ports

# ** Ports **
# The following settings are used to configure ports where server listens for requests.
# If multiple nodes are installed on the same machine, ports have to be adapted for node.
# It usually makes sense to just change the first digit to use another port range.
# Example: node A uses 8xxx (i.e. 8080,8443,8009,8005), node B uses 9xxx (9080,9443,9009,9005), node C uses 10xxx (10080,10443,10009,10005).

# The HTTP port where the server listens for requests. If set to e.g. 8080, HTTP (base) url will be http://[host]:8080/.
httpPort: 8080
# The HTTPS port where the server listens for requests. If set to e.g. 8443, HTTPS (base) url will be https://[host]:8433/.
httpsPort: 8443
# The AJP connector port (see https://tomcat.apache.org/tomcat-9.0-doc/config/ajp.html)
ajpPort: 8009
# The Tomcat server port (e.g. for shutdown commands)
serverPort: 8005

HTTPS/SSL

# ** HTTPS/SSL **
# Whether or not to enforce HTTPS, i.e. redirect HTTP to HTTPS
enforceHttps: false

# The path to the SSL keystore file, PKCS 12 format (see https://en.wikipedia.org/wiki/PKCS_12).
# If not set, the default keystore with a self-signed certificate will be used.
#sslKeystoreFile: !com.braintribe.model.resource.FileResource
#  path: '/path/to/keystore.p12'

# One can use openssl to generate a (self signed) keystore file:
#   openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt
#   openssl pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in certificate.crt -inkey privateKey.key -out keystore.pkcs12 -name 'tribefire'
# For more information see https://www.openssl.org/.

# The password for the keystore file (see above). Replace "[ENCRYPTED_PASSWORD]" with the encrypted password, e.g. '${decrypt("HMuN/VXo5+L0vVQzuJe7bAOiBmeKzWluP+POb7zjkcLCnzgawUfWmZAIu9eIOfVAzEQn6Q==")}'.
#sslKeystorePassword: '${decrypt("[ENCRYPTED_PASSWORD]")}'

# If the keystore file was generated without a password, set the password to empty string.
#sslKeystorePassword: ''

HTTP security

# ** HTTP Security **
# The Cross Domain Policy is used to define cross-domain related security settings.
# For example, if there are other web applications which want to embed this application's content in an iframe, e.g. the Web Reader,
# these applications have to be in the trustedDomain configured below. Examples:
#   '*' - permit cross-domain access from any host
#   '*.example.com' - permit cross-domain access from respective hosts on example.com domain
#   '' - disable cross-domain access
# Note that this setting has nothing to do with normal clients connecting to this application or other applications connecting via API.
# For further information read e.g. the HTTP Security section at https://developer.mozilla.org/en-US/docs/Web/HTTP.
crossDomainPolicy: !com.braintribe.model.platform.setup.api.cdp.SimpleCrossDomainPolicy
  trustedDomain: '*'

Resources

# ** Resources **
# The maximum number of connections (or -1 for no limit)
maxConnections: -1
# The maximum number of request worker threads.
maxThreads: 4000

Logging

# ** Logging **
# The path of the directory where log files will be written to. '&logFilesDir' specifies an anchor, which makes it possible to reference the value below, see setting 'checkWriteAccessForDirs'.
# Relative paths are supported and will be resolved relative to the installation path (see setting 'installationPath).
# Example: if installation path is '/opt/braintribe/adx/tribefire', then '../logs' means '/opt/braintribe/adx/logs'.
logFilesDir: &logFilesDir '../logs'

# Log level for console output. Examples: SEVERE,WARNING,INFO,FINE,FINEST
consoleLogLevel: 'INFO'

# Log level for file output. Examples: SEVERE,WARNING,INFO,FINE,FINEST
logFilesLogLevel: 'FINE'

# Enables log rotation based on file size (in bytes). If the specified maximum is exceeded, the current log file will be archived and a new one will be created.
logFilesMaxSize: 15000000

# Enables log rotation based on a Cron expression.
# Note that in addition to the standard fields also field [second] is supported. It works like [minute].
# Thus supported fields are: [second], [minute], [hour], [day of the month], [month], [day of the week]
# For more information see https://en.wikipedia.org/wiki/Cron.

# Rotate every day at midnight
logFilesCronRotate: '0 0 0 * * *'
# Rotate every hour
#logFilesCronRotate: '0 0 * * * *'

# Maximum number of archived log files (see also log rotation settings above). If the maximum is exceeded, the oldest archived log files gets deleted.
logFilesMaxCount: 10

Temporary files

# ** Temporary Files **
# The path of the directory where temporary files will be written to. '&tempDir' specifies an anchor, which makes it possible to reference the value below, see setting 'checkWriteAccessForDirs'.
# Relative paths are supported and will be resolved relative to the installation path (see setting 'installationPath).
# Example: if installation path is '/opt/braintribe/adx/tribefire', then '../temp' means '/opt/braintribe/adx/temp'.
tempDir: &tempDir '../temp'

Admin user

# ** Admin User **
# Configures the credentials for the default admin user.
# If the user doesn't exist yet, it will be created and the password will be set as specified here.
# If the user already exists, nothing will be done, i.e. its password will NOT be changed!
predefinedComponents:
ADMIN_USER: !com.braintribe.model.user.User
# Admin user name
name: 'admin'
# Admin user password. Replace "[ENCRYPTED_PASSWORD]" with the encrypted password, e.g. '${decrypt("HMuN/VXo5+L0vVQzuJe7bAOiBmeKzWluP+POb7zjkcLCnzgawUfWmZAIu9eIOfVAzEQn6Q==")}'.
password: '${decrypt("VTGEjDxNV17nHqxj/aXrLwAKmksFgUWIht5JZdPIZb5r3yeODUE0v+hz72y4TDD7eZfP9Q==")}'

ActiveMQ settings

# ** ActiveMQ Settings **
# Configures the ActiveMQ connection. Since each node provides an embedded ActiveMQ server, the URL just points to localhost.
# Unless a custom ActiveMQ server port is configured below (see AMQ_SERVER_PORT), there is no need to change these settings.
  MQ: !com.braintribe.model.messaging.jms.JmsActiveMqConnection
    name: 'ActiveMQ Connection'
    hostAddress: 'tcp://localhost:61616'

System database

# ** System Database **
# Configures the default system database connection pool.
  DEFAULT_DB: !com.braintribe.model.deployment.database.pool.HikariCpConnectionPool
    # The external id of the connection pool (don't change!)
    externalId: 'connection.default'
    # The name of the connection pool (don't change!)
    name: 'Default Database Connection'
    # This minimum connection pool size
    minPoolSize: 3
    # This maximum connection pool size
    maxPoolSize: 20
    # Connection settings ( '&systemDatabaseConnection' specifies an anchor, which makes it possible to re-use the connection settings below)
    connectionDescriptor: &systemDatabaseConnection !com.braintribe.model.deployment.database.connector.GenericDatabaseConnectionDescriptor
      # JDBC Driver
      #   Postgres: 'org.postgresql.Driver'
      #   Oracle: 'oracle.jdbc.OracleDriver'
      #   MSSQL: 'com.microsoft.sqlserver.jdbc.SQLServerDriver'
      driver: 'org.postgresql.Driver'
      # JDBC URL
      #   Postgres: 'jdbc:postgresql://localhost:5432/system-db'
      #   Oracle: ' jdbc:oracle:thin:@localhost:1521:orcl12c'
      #   MSSQL: 'jdbc:sqlserver://localhost:5433;databaseName=system-db;'
      url: 'jdbc:postgresql://localhost:5432/your-system-db'
      # Database user name
      user: 'adminDB'
      # Database user password. Replace "[ENCRYPTED_PASSWORD]" with the encrypted password, e.g. '${decrypt("HMuN/VXo5+L0vVQzuJe7bAOiBmeKzWluP+POb7zjkcLCnzgawUfWmZAIu9eIOfVAzEQn6Q==")}'.
      password: '${decrypt("VTGEjDxNV17nHqxj/aXrLwAKmksFgUWIht5JZdPIZb5r3yeODUE0v+hz72y4TDD7eZfP9Q==")}'

Connection pools settings

# The following section configures connection pools for various system databases.
# It can e.g. be used to store certain system data in a different database or to individually tweak connection pool settings.

# In this example settings files the connection settings for the default system database (see above) are re-used (via reference '*systemDatabaseConnection')
# and defaults for connection pool sizes are configured. Therefore it is often not required modify this section.

  USER_SESSIONS_DB: !com.braintribe.model.deployment.database.pool.HikariCpConnectionPool {
    externalId: 'connection.user-sessions', name: 'User Sessions Connection', connectionDescriptor: *systemDatabaseConnection,
    # Connection pool configuration. Further settings can be added, if needed (see DEFAULT_DB configuration above)
    maxPoolSize: 20
  }
  USER_SESSION_STATISTICS_DB: !com.braintribe.model.deployment.database.pool.HikariCpConnectionPool {
    externalId: 'connection.user-session-statistics', name: 'User Session Statistics Connection', connectionDescriptor: *systemDatabaseConnection,
    # Connection pool configuration. Further settings can be added, if needed (see DEFAULT_DB configuration above)
    maxPoolSize: 10
  }
  AUTH_DB: !com.braintribe.model.deployment.database.pool.HikariCpConnectionPool {
    externalId: 'connection.auth', name: 'Authentication Connection', connectionDescriptor: *systemDatabaseConnection,
    # Connection pool configuration. Further settings can be added, if needed (see DEFAULT_DB configuration above)
    maxPoolSize: 10
  }
  LOCKING_DB: !com.braintribe.model.deployment.database.pool.HikariCpConnectionPool {
    externalId: 'connection.locking', name: 'Locking Connection', connectionDescriptor: *systemDatabaseConnection,
    # Connection pool configuration. Further settings can be added, if needed (see DEFAULT_DB configuration above)
    maxPoolSize: 10
  }
  LEADERSHIP_DB: !com.braintribe.model.deployment.database.pool.HikariCpConnectionPool {
    externalId: 'connection.leadership', name: 'Leadership Connection', connectionDescriptor: *systemDatabaseConnection,
    # Connection pool configuration. Further settings can be added, if needed (see DEFAULT_DB configuration above)
    maxPoolSize: 5
  }

Project settings

# ** Project Settings **
# Configures the project / product name. Usually these settings don't have to be changed. The names are e.g. used as service name,
# when starting Tomcat as a service. See 'tomcatServiceDescriptor' below.
projectDescriptor:
  name: 'adx'
  displayName: 'Agile Documents Platform'

Tomcat settings

# ** Tomcat Service **
# One can use script /tribefire/runtime/host/bin/tribefire-service.sh to run the application as a Tomcat service.
# In that case one can configure the service user here. Service name, by default, will be based on project name, see 'projectDescriptor' above.
# For further information about running Tomcat as a service read the documentation.
tomcatServiceDescriptor:
  # Specifies the name of the service user
  user: '[SERVICE_USER]'

Runtime properties

Runtime properties are used to configure application specific settings. Which properties are available or required depends on the application. For the complete list of supported runtime properties see Runtime properties. However, all important and mandatory properties are listed in this section of the configuration file.

Runtime properties: platform settings

# ** Runtime Properties **
# Runtime properties are used to configure application specific settings. Which properties are available/required depends on the application.
# For the complete list of supported runtime properties refer to the documentation. However, all important/mandatory properties are listed below.
runtimeProperties:
  ##############################################################################
  # Platform Settings
  ##############################################################################
  # This enables support for encrypted passwords in this configuration file (don't change!)
  TRIBEFIRE_SECURED_ENVIRONMENT: 'true'

  # Specifies how long a user session should remain active when there is no activity on the session.
  # After the specified inactive time has passed (i.e. no request with the corresponding session ID has been received by the server),
  # the session is flagged as inactive and consequently removed by a periodic cleanup process.
  # The time span can be specified as a human-readable string, using numbers and the time unit, as in 12h, 30m, 3600s, etc.
  TRIBEFIRE_USER_SESSIONS_MAX_IDLE_TIME: '30m'

  # When this is set to true, the login dialog will offer an option to stay signed-in after a browser restart.
  # If this is set to false, the user session will always be closed when the browser is closed.
  # This is achieved by using a session cookie that stores the user's session ID until the browser is closed.
  TRIBEFIRE_RUNTIME_OFFER_STAYSIGNED: 'true'

  # The public tribefire services URL, i.e. the URL through which clients and other services can reach this service.
  # This is e.g. needed for callbacks, for example when service A invokes an (asynchronous) job on B and passes a callback URL,
  # through which B can notify A when the job is done.
  #
  # In a clustered environment, i.e. multiple nodes, the load balancer URL has to be specified here.
  # If there is only a single node and no proxy or something like that, the URL is usually just
  # 'https://(hostname of this machine):(https port configured above)/tribefire-services'.
  #
  # Make sure that the public URL is reachable from other machines, e.g. verify that configured ports are opened in the firewall.
  TRIBEFIRE_PUBLIC_SERVICES_URL: 'https://[PUBLIC_HOST]:[PUBLIC_PORT]/tribefire-services'

  # Indicates whether or not this node is part of a cluster.
  # (Note that a cluster may also just have a single node, thus this setting can always be enabled.)
  TRIBEFIRE_IS_CLUSTERED: 'true'

  # A comma-separated list of host names (or IP addresses) of the nodes that should form a cluster.
  # Example: 'adx1.example.com,adx2.example.com,adx3.example.com'
  # If there are multiple nodes, these nodes must (!) be behind a load balancer and clients or other services must connect
  # through the respective load balancer URL (specified in TRIBEFIRE_PUBLIC_SERVICES_URL).
  # If there is just a single node, i.e. no cluster, this can be left empty.
  TRIBEFIRE_CLUSTER_NODES: ''

Runtime properties: ActiveMQ settings

##############################################################################
  # ActiveMQ Settings
  ##############################################################################
  # Each node provides its own, embedded messaging service (based on ActiveMQ).
  # The messaging service enables nodes to communicate with each other, e.g. to send notification events from one node to all others.

  # The ActiveMQ server port.
  AMQ_SERVER_PORT: '61616'

  # A comma-separated list of host names (or IP addresses) of the nodes that should form a cluster.
  # Each address may also include a port (separated by a colon). If no port is specified, it defaults to the port configured in setting AMQ_SERVER_PORT.
  # Example: 'adx1.example.com,adx2.example.com,adx3.example.com:61617'
  # By default this setting just points to TRIBEFIRE_CLUSTER_NODES and usually there is no need to change this.
  # Only exception is when one runs multiple instances on the same host (with different ActiveMQ ports).
  AMQ_CLUSTER_NODES: '${TRIBEFIRE_CLUSTER_NODES}'

  # As an alternative to setting AMQ_CLUSTER_NODES ActiveMQ also supports connection to remote nodes via multicast transport.
  # This feature is disabled by default. Before enabling it ensure that the network (and firewalls, if any) permit multicasts on port 6155.
  #
  # The group name shared between all adx cluster nodes. Setting this value activates the multicast transport.
  #AMQ_DISCOVERY_MULTICAST_GROUP: 'adx'
  # The network interface through which multicasts are sent, e.g. 'eth0'.
  #AMQ_DISCOVERY_MULTICAST_NETWORK_INTERFACE: '[NETWORK_INTERFACE]'

Runtime properties: Conversion settings

##############################################################################
  # Conversion Settings
  ##############################################################################
  # Enables local conversion service. If set to false, a remote conversion service is required (see below).
  CONV_INITIALIZE: 'false'
  # Enables remote conversion service.
  # If enabled the following three properties need to be set as well.
  ADX_DEFAULT_REMOTE_CONVERSION_ENABLED: 'true'
  # The URL of the remote conversion service to be used.
  # If the remote conversion service is clustered, this must be the load balancer URL!
  ADX_DEFAULT_REMOTE_CONVERSION_TFS_URL: 'https://[CONV_HOST]:[CONV_PORT]/tribefire-services'
  # The name of the remote conversion service user. Add the name of the standard conversion user here,
  # i.e. the name set in property CONV_STANDARD_USER_NAME in conversion settings.
  ADX_DEFAULT_REMOTE_CONVERSION_USERNAME: 'tf-conversion'
  # The password of the remote conversion service user. Add the password of the standard conversion user here,
  # i.e. the password set in property CONV_STANDARD_USER_PASSWORD in conversion settings.
  ADX_DEFAULT_REMOTE_CONVERSION_PASSWORD: '${decrypt("[ENCRYPTED_PASSWORD]")}'

Runtime properties: fulltext settings

##############################################################################
# Fulltext Settings
##############################################################################
# Whether an elasticsearch service should be started together with this ADx installation.
ELASTIC_RUN_SERVICE: 'true'
# Whether to enable the default elasticsearch access.
#ELASTIC_CREATE_DEMO_ACCESS: 'false'
# The base directory to store elasticsearch indices.
# In clustered environments this must point to a shared file system and all nodes must use the same folder.
ELASTIC_SERVICE_DATA_PATH: '${TRIBEFIRE_INSTALLATION_ROOT_DIR}/../elastic'
# The elasticsearch service port (used for intercommunication between the nodes).
ELASTIC_PORT: '9300'
# A comma-separated list of host names (or IP addresses) of the nodes that should form a cluster.
# Each address may also include a port (separated by a colon). If no port is specified, it defaults to the port configured in setting ELASTIC_PORT.
# Example: 'adx1.example.com,adx2.example.com,adx3.example.com:9301'
# By default this setting just points to TRIBEFIRE_CLUSTER_NODES and usually there is no need to change this.
# Only exception is when one runs multiple instances on the same host (with different elasticsearch ports).
ELASTIC_CLUSTER_NODES: '${TRIBEFIRE_CLUSTER_NODES}'
# Whether or not to enable fulltext indexing by default when creating new repository.
ADX_DEFAULT_REPOSITORY_FULLTEXT_ENABLED: 'true'

Runtime properties: repository settings

##############################################################################
  # Standard Repository Default Settings - uncomment and adapt values if needed
  # (If you decide to use these settings, you probably also want to configure the default Cache repository settings below.)
  ##############################################################################
  # Whether or not to create a default repository based on the default settings below.
  # The creation of that default repository simplifies the post installation health checks
  # (because the checks can be run directly against that repository without having to create another one first).
  # This approach also verifies that the default settings are correct.
  #ADX_INIT_DEFAULT_REPOSITORY: 'true'
  # The type of the default database. Can be one of the following: Oracle, MSSQL, MySQL, PostgreSQL, DB2.
  #ADX_DEFAULT_DB_TYPE: '[DATABASE_TYPE]'
  # The name of the default database. When using Oracle database, enter the SID.
  #ADX_DEFAULT_DB_NAME: '[DATABASE_NAME]'
  # The hostname/ip of the default database.
  #ADX_DEFAULT_DB_HOST: '[DATABASE_HOST]'
  # The port of the default database.
  #ADX_DEFAULT_DB_PORT: '[DATABASE_PORT]'
  # The username for authentication with the default database.
  #ADX_DEFAULT_DB_USER: '[DATABASE_USER]'
  # The password for authentication with the default database. This value has to be encrypted.
  #ADX_DEFAULT_DB_PASSWORD: '${decrypt("[ENCRYPTED_PASSWORD]")}'
  # The default content storage type.
  # Specifies whether to store resources on file system (-> 'fs') or in the database (-> 'db').
  # Note that this only affects storage of files. Metadata is always stored in the database.
  #ADX_DEFAULT_STORAGE_CONTENT_TYPE: 'fs'
  # The default content storage path. (This setting only takes effect if ADX_DEFAULT_STORAGE_CONTENT_TYPE is set to 'fs'.)
  # In clustered environments this must point to a shared file system and all nodes must use the same folder.
  # Each repository must use its own path! Therefore it is recommended to include the
  # string '{repositoryName}' (without '$' prefix). It will be replaced with the technical repository name.
  #ADX_DEFAULT_STORAGE_CONTENT_PATH: '${TRIBEFIRE_INSTALLATION_ROOT_DIR}/../repository-resources/{repositoryName}/content'

  ##############################################################################
  # CMIS Repository Default Settings - uncomment and adapt values if needed
  # (If you decide to use these settings, you probably also want to configure the default Cache repository settings below.)
  ##############################################################################
  # The default CMIS Service URL.
  #ADX_DEFAULT_CMIS_SERVICEURL: 'https://[HOST]:[PORT]/emc-cmis/browser'
  # The default CMIS RepoID.
  #ADX_DEFAULT_CMIS_REPOID: '[REPOSITORY_ID]'
  # The default CMIS USER.
  #ADX_DEFAULT_CMIS_USER: '[USER]'
  # The default CMIS password.
  #ADX_DEFAULT_CMIS_PASSWORD: '${decrypt("[ENCRYPTED_PASSWORD]")}'

  ##############################################################################
  # Documentum Repository Default Settings - uncomment and adapt values if needed
  # (If you decide to use these settings, you probably also want to configure the default Cache repository settings below.)
  ##############################################################################
  # The default Documentum Service URL.
  #ADX_DEFAULT_DCTM_SERVICEURL: 'https://[HOST]:[PORT]/emc-dfs/services'
  # The default Documentum RepoID.
  #ADX_DEFAULT_DCTM_REPOID: '[REPOSITORY_ID]'
  # The default Documentum USER.
  #ADX_DEFAULT_DCTM_USER: '[USER]'
  # The default Documentum password.
  #ADX_DEFAULT_DCTM_PASSWORD: '${decrypt("[ENCRYPTED_PASSWORD]")}'

  ##############################################################################
  # Cache Repository Default Settings - uncomment and adapt values if needed
  # (If you configured any of the default repository settings above, you probably also want to configure the default Cache repository settings.)
  ##############################################################################
  # The type of the default cache database. Can be one of the following: Oracle, MSSQL, MySQL, PostgreSQL, DB2.
  #ADX_DEFAULT_CACHE_DB_TYPE: '${ADX_DEFAULT_DB_TYPE}'
  # The name of the default cache database. When using Oracle database, enter the SID.
  #ADX_DEFAULT_CACHE_DB_NAME: '${ADX_DEFAULT_DB_NAME}'
  # The hostname/ip of the default cache database.
  #ADX_DEFAULT_CACHE_DB_HOST: '${ADX_DEFAULT_DB_HOST}'
  # The port of the default cache database.
  #ADX_DEFAULT_CACHE_DB_PORT: '${ADX_DEFAULT_DB_PORT}'
  # The username for authentication with the default cache database.
  #ADX_DEFAULT_CACHE_DB_USER: '${ADX_DEFAULT_DB_USER}'
  # The password for authentication with the default cache database. This value has to be encrypted.
  #ADX_DEFAULT_CACHE_DB_PASSWORD: '${ADX_DEFAULT_DB_PASSWORD}'
  # The default cache storage type.
  # Specifies whether to store resources on file system (-> 'fs') or in the database (-> 'db').
  # Note that this only affects storage of files. Metadata is always stored in the database.
  #ADX_DEFAULT_STORAGE_CACHE_TYPE: 'fs'
  # The default storage path. (This setting only takes effect if ADX_DEFAULT_STORAGE_CACHE_TYPE is set to 'fs'.)
  # In clustered environments this must point to a shared file system and all nodes must use the same folder.
  # Each repository must use its own path! Therefore it is recommended to include the
  # string '{repositoryName}' (without '$' prefix). It will be replaced with the technical repository name.
  #ADX_DEFAULT_STORAGE_CACHE_PATH: '${TRIBEFIRE_INSTALLATION_ROOT_DIR}/../repository-resources/{repositoryName}/cache'

  ##############################################################################
  # Cloud Repository Default Settings
  #
  # Content can also be stored in the cloud, e.g Amazon S3.
  # Since this is a less common use case for a default repository, the properties are not listed in these example settings.
  # However, they can be looked up in the documentation:
  # https://adx.tribefire.com/tribefire.adx.phoenix/adx-doc/Installation/runtime_properties.html#adx-cloud-storage-properties
  ##############################################################################

  ##############################################################################
  # Repository Connectivity Default Settings
  # These settings define the default connection privileges for newly created repositories.
  ##############################################################################
  # Sets the 'Connect Default' property in the Access Control Configuration. Possible values are GRANT (default) and DENY.
  #ADX_DEFAULT_REPOSITORY_CONNECTIVITY_PERMISSION: 'GRANT'
  # A comma-separated list of the roles that should automatically get CONNECT access granted.
  # For example: 'role1,role2'
  #ADX_DEFAULT_REPOSITORY_CONNECTIVITY_ROLES_GRANT: ''
  # A comma-separated list of the roles that should automatically get CONNECT access denied.
  # For example: 'role3,role4'
  #ADX_DEFAULT_REPOSITORY_CONNECTIVITY_ROLES_DENY: ''
  ##############################################################################

  ##############################################################################
  # Repository Export Default Settings
  ##############################################################################
  # Whether or not to enable metadata export by default when creating a new repository.
  #ADX_DEFAULT_REPOSITORY_METADATA_EXPORT_ENABLED: 'true'
  ##############################################################################

Runtime properties: jobs retry settings

##############################################################################
# ADx Conversion Jobs Retry Settings
# This mechanism periodically checks for stale ADx jobs and revives them.
# (The settings below are for now global settings, which means they can't be
#  configured on repository level via the administration UI yet.)
##############################################################################
# The interval between checks for stale ADx Content representation jobs.
# Allowed units: year (y), month (m), day (d), hour (h), minute (min), second (s)
ADX_DEFAULT_JOB_REVIVE_WORKER_CHECK_INTERVAL: '5 min'
# Maximum inactivity period of a stale job before a retry.
# Allowed units: year (y), month (m), day (d), hour (h), minute (min), second (s)
ADX_DEFAULT_JOB_REVIVE_WORKER_MAX_INACTIVITY_BEFORE_RETRY: '60 min'
# The maximum number of retries for a single job. If this number is reached,
# there will be no further retries and the problem has to be analyzed and fixed manually.
ADX_DEFAULT_JOB_REVIVE_WORKER_MAX_TRIES: '3'