-
Notifications
You must be signed in to change notification settings - Fork 20
/
geoserver.yml
335 lines (316 loc) · 12.8 KB
/
geoserver.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
# This configuration file is imported by all geoserver-specific services' bootstrap.yml
# For the sake of clarity, configuration properties relative to the spring-boot application
# itself is imported from geoserver_spring.yml, and properties specific to geoserver from this file.
spring.config.import:
- geoserver_spring.yml
- optional:geoserver_logging.yml
- jndi.yml
spring:
# cache implementation to use if `geoserver.backend.caching.enabled: true`
cache:
type: caffeine
caffeine:
#CaffeineSpec supports parsing configuration off of a string
#The string syntax is a series of comma-separated keys or key-value pairs, each corresponding to a Caffeine builder method.
#
#initialCapacity=[integer]
#maximumSize=[long]
#maximumWeight=[long]
#expireAfterAccess=[duration]
#expireAfterWrite=[duration]
#refreshAfterWrite=[duration]
#softValues: sets Caffeine.softValues.
#recordStats: sets Caffeine.recordStats.
spec: softValues,initialCapacity=10000,maximumSize=10000,recordStats
# The following geoserver, geotools, and geowebcache configuration properties
# are common to all geoserver microservices, despite some may not apply to a given service,
# it's easier to have them all here in the default spring profile.
# Common configuration for all services. Override or add service specific config
# properties on each <service-name>-service.yml file
# GeoServer-Cloud common config properties
geoserver:
debug:
# add an X-gs-cloud-service-id:<service-id> response header to each response
# to track which cluster node replied
instanceId: false
# Access Control List client config. Usually enabled through the acl spring profile.
acl:
enabled: ${acl.enabled:false}
client:
basePath: ${acl.url:http://acl:8080/acl/api}
username: ${acl.username:}
password: ${acl.password:}
debug: ${acl.debug:false}
caching: ${acl.caching:true}
# timeout in seconds for startup to fail if API is not available
initTimeout: ${acl.initTimeout:10}
metrics:
enabled: true
instance-id: ${info.instance-id}
security:
enabled: true
authkey: true
jdbc: true
ldap: true
gateway-shared-auth:
# enable sharing the webui authentication through the gateway with the other microservices
# make sure the same config is applied in gateway-service.yml
enabled: ${gateway.shared-auth:true}
# if enabled, automatically set up the authentication filter chain
auto: true
# only to be set to true in the webui service (e.g. as in spring.config.activate.on-profile: webui_service)
server: false
servlet.filter.session-debug.enabled: false # until the NPE is fixed
catalog:
advertised: true
localWorkspace: true
isolated: true
secure: true
# enable if needed on a backend-specific profile (e.g. jdbcconfig)
caching.enabled: false
bus:
enabled: true
# whether to send distributed events (i.e. acts as master). All instances receive remote events.
send-events: true
# whether to send the object (CatalogInfo/config info) as payload with the event. Set to false,
# not all possible payload types are properly tested, and full object payload is not needed.
send-object: ${geoserver.backend.data-directory.enabled}
# whether to send a diff of changes as payload with the event. Set to false, not all possible payload types are properly tested nor needed.
send-diff: ${geoserver.backend.data-directory.enabled}
backend:
# configure catalog backends and decide which backend to use on this service.
# All backends are disabled, enable the required one on each service.
data-directory:
enabled: ${backend.data-directory:false}
location: ${GEOSERVER_DATA_DIR:/opt/app/data_directory}
# use optimized parallel datadirectory loader. Defaults to true
parallel-loader: true
eventual-consistency:
# eventual consistency enfocement. Bus events may come out of order under stress
enabled: true
# milliseconds to wait before retries. The list size determines the number of retries. The values the milliseconds to wait
retries: 25, 25, 50
jdbcconfig:
enabled: ${backend.jdbcconfig:false}
initdb: true
web.enabled: true
cache-directory: ${jdbcconfig.cachedir:${java.io.tmpdir}/cngs/jdbcconfig/cache}
datasource:
url: "${jdbcconfig.url:jdbc:postgresql://${jdbcconfig.host:database}:${jdbcconfig.port:5432}/${jdbcconfig.database:geoserver_config}?currentSchema=${jdbcconfig.schema:public}}"
username: ${jdbcconfig.username:geoserver}
password: ${jdbcconfig.password:geo5erver}
driverClassname: ${jdbcconfig.driverClassname:org.postgresql.Driver}
# optional:
minimumIdle: ${jdbcconfig.minConnections:0}
maximumPoolSize: ${jdbcconfig.maxConnections:8}
connectionTimeout: ${jdbcconfig.connectionTimeout:250}
idleTimeout: ${jdbcconfig.idleTimeout:10000}
pgconfig:
enabled: ${backend.pgconfig:false}
initialize: ${pgconfig.initialize:true}
schema: ${pgconfig.schema:public}
create-schema: true
datasource:
jndi-name: ${pgconfig.jndi-name:}
url: "${pgconfig.url:jdbc:postgresql://${pgconfig.host:database}:${pgconfig.port:5432}/${pgconfig.database:geoserver_config}}"
username: ${pgconfig.username:pgconfig}
password: ${pgconfig.password:pgconfig}
driverClassname: ${pgconfig.driverClassname:org.postgresql.Driver}
# optional:
minimumIdle: ${pgconfig.minConnections:0}
maximumPoolSize: ${pgconfig.maxConnections:10}
connectionTimeout: ${pgconfig.connectionTimeout:2500}
idleTimeout: ${pgconfig.idleTimeout:30000}
styling:
css.enabled: true
mapbox.enabled: true
wms:
reflector.enabled: true
kml.enabled: true
output-formats:
vector-tiles:
mapbox.enabled: true
geojson.enabled: true
topojson.enabled: true
# GeoTools HTTP Client proxy configuration, allows configuring cascaded WMS/WMTS/WFS stores
# that need to go through an HTTP proxy without affecting all the http clients at the JVM level
# These are default settings. The enabled property can be set to false to disable the custom
# HTTPClientFactory altogether.
# The following OS environment variables can be set for easier configuration:
# HTTP(S)_PROXYHOST, HTTP(S)_PROXYPORT, HTTP(S)_PROXYUSER, HTTP(S)_PROXYPASSWORD, HTTP(S)_NONPROXYHOSTS
geotools:
httpclient:
proxy:
enabled: true
http:
host: ${http.proxyHost:}
port: ${http.proxyPort:}
user: ${http.proxyUser:}
password: ${http.proxyPassword:}
# comma separated list of Java regular expressions, e.g.: nonProxyHosts: localhost, example.*
nonProxyHosts:
https:
host: ${https.proxyHost:${geotools.httpclient.proxy.http.host}}
port: ${https.proxyPort:${geotools.httpclient.proxy.http.port}}
user: ${https.proxyUser:${geotools.httpclient.proxy.http.user}}
password: ${https.proxyPassword:${geotools.httpclient.proxy.http.password}}
nonProxyHosts: ${https.nonProxyHosts:${geotools.httpclient.proxy.http.nonProxyHosts}}
# GeoWebCache-specific configuration properties, apply to services that run some GWC
# internal components. For example, all of gwc-service, wms-service, and web-ui, will
# need to access GeoWebCache's blob stores, and tile-layer configuration resources.
# wms-service and web-ui won't event load components related to GWC REST/Web APIs, web UI,
# and others. Unlike web-ui, wms-service will load the internal components needed for
# on-demand tile seeding in order to serve WMC-C tiled requests if gwc.wms-integration=true,
# so that gwc/wms-c integration workds independently of gwc-service.
gwc:
enabled: true
cache-directory: ${GEOWEBCACHE_CACHE_DIR:${geoserver.backend.data-directory.location}/gwc}
rest-config: true
web-ui: true
wms-integration: true
services:
wmts: true
tms: true
wms: true
kml: true
gmaps: true
mgmaps: true
blobstores:
azure: true
s3: true
---
#########################################################
#### Access Control List client applications profile ####
spring.config.activate.on-profile: acl
acl.enabled: true
acl.url: http://acl:8080/acl/api
acl.username: geoserver
acl.password: s3cr3t
acl.debug: false
acl.caching: true
acl.startupCheck: true
acl.initTimeout: 10
###################################################
#### GeoServer configuration backend profiles: ####
---
spring.config.activate.on-profile: datadir
backend.data-directory: true
---
spring.config.activate.on-profile: jdbcconfig
backend.jdbcconfig: true
geoserver:
catalog:
# not sure why isolated workspaces don't work with jdbcconfig as backend
isolated: false
# disable caching if using the jdbcconfig as backend, as it does its own caching internally
caching.enabled: false
---
spring.config.activate.on-profile: pgconfig
# enable the pgconfig catalog backend
backend.pgconfig: true
# configure the jndi jdbc datasource with the placeholders defined in jndi.yml
jndi.pgconfig.enabled: true
pgconfig.host: pgconfigdb
pgconfig.port: 5432
pgconfig.database: pgconfig
pgconfig.schema: pgconfig
pgconfig.username: pgconfig
pgconfig.password: pgconfig
pgconfig.maxConnections: 10
pgconfig.minConnections: 0
pgconfig.connectionTimeout: 2500
pgconfig.idleTimeout: 30000
pgconfig.initialize: true
# tell the pgconfig catalog backend which JNDI datasource to use
# e.g., jndi.datasources.pgconfig in jndi.yml defines java:comp/env/jdbc/pgconfig
pgconfig.jndi-name: java:comp/env/jdbc/pgconfig
# enable caching if using the pgconfig as backend
geoserver.catalog.caching.enabled: true
#############################################
#### per microservice-specific profiles: ####
---
spring.config.activate.on-profile: wfs_service
geoserver.security.layergroup-containmentcache: false
---
spring.config.activate.on-profile: wms_service
geoserver.security.layergroup-containmentcache: true
---
spring.config.activate.on-profile: wcs_service
geoserver.security.layergroup-containmentcache: false
---
spring.config.activate.on-profile: wps_service
geoserver.security.layergroup-containmentcache: false
---
spring.config.activate.on-profile: restconfig_service
geoserver.security.layergroup-containmentcache: false
---
spring.config.activate.on-profile: gwc_service
geoserver.security.layergroup-containmentcache: true
---
spring.config.activate.on-profile: webui_service
geoserver:
security:
layergroup-containmentcache: true
# set shared auth to server mode. It shall be false in all other services.
gateway-shared-auth.server: true
web-ui:
acl.enabled: ${geoserver.acl.enabled}
file-browser.hide-file-system: ${webui.hide-filesystem:false}
# These are all default values, here just for reference. You can omit them and add only the ones to disable or further configure
security.enabled: true
wfs.enabled: ${webui.wfs.enabled:true}
wms.enabled: ${webui.wms.enabled:true}
wcs.enabled: ${webui.wcs.enabled:true}
wps.enabled: ${webui.wps.enabled:true}
gwc:
enabled: ${gwc.enabled:true}
capabilities:
tms: ${gwc.services.tms:true}
wmts: ${gwc.services.wmts:true}
wmsc: ${gwc.services.wms:true}
extensions:
importer.enabled: ${webui.importer.enabled:false}
demos:
enabled: ${webui.demos.enabled:true}
wps-request-builder: true
wcs-request-builder: true
demo-requests: true
srs-list: true
reprojection-console: true
layer-preview-page:
enabled: ${webui.preview.enabled:true}
common-formats:
open-layers: true
gml: true
kml: true
tools:
enabled: ${webui.tools.enabled:true}
resource-browser: true
catalog-bulk-load: true
---
spring.config.activate.on-profile: geonode
# Access Control List client config. Replaces GeoFence
acl.enabled: true
---
#############################################
spring.config.activate.on-profile: local
## `local` profile, used for development only.
## Match ports to the ones defined in the development docker compose file
## allows to run an application from the IDE and join the cluster, providing environment
## variables that otherwise would be given by docker-compose.yml.
## It is safe to remove this profile completely in a production deployment config.
rabbitmq.host: localhost
rabbitmq.port: 5672
eureka.server.url: http://localhost:8761/eureka
config.server.url: http://localhost:8888
acl.url: http://localhost:9000/acl/api
jdbcconfig.url: jdbc:postgresql://localhost:54321/geoserver_config
jdbcconfig.username: geoserver
jdbcconfig.password: geo5erver
pgconfig.host: localhost
pgconfig.port: 8432
jndi:
datasources:
postgis.enabled: true
postgis.url: jdbc:postgresql://localhost:6432/postgis
GEOWEBCACHE_CACHE_DIR: ${GEOSERVER_DATA_DIR:/tmp}/gwc