System controller config
Reference for the Ateliere Live System Controller configuration file
This page describes the configuration settings possible to set via the acl_sc_settings.json file.
| Expanded Config name | Config name | Description | Default value |
|---|---|---|---|
| psk | psk | The Pre-shared key used to authorize components to connect to the System Controller. Must be 32 characters long | "" |
| security.salt | salt | Salt string for the generation of tokens and encryption keys | “Some random string” |
| security.n | n | Parameter for token and encryption generation. N is CPU/memory cost parameter, must be a power of 2, greater than 1. 1 | 65536 |
| security.r | r | Parameter for token and encryption generation. R is block size factor. R constrain must satisfy R*P < 2^30. 1 | 8 |
| security.p | p | Parameter for token and encryption generation. P is the parallelization parameter. P constrain must satisfy R*P < 2^30, if this is exceeded, an error will be returned 1 | 1 |
| security.keylen | keylen | The length of the generated tokens | 32 |
| client_auth.enabled | enabled | Switch to enable basic authentication for clients in the REST API | true |
| client_auth.username | username | The username that will grant access to the REST API | “admin” |
| client_auth.password | password | Password that will grant access to the REST API | “changeme” |
| https.enabled | enabled | Switch to enable encryption of the REST API as well as the connections between the System Controller and the connected components | true |
| https.certificate_file | certificate_file | Path to the certificate file. In pem format | "" |
| https.private_key_file | private_key_file | Path to the private key file. In pem format | "" |
| logger.level | level | The level that the logging will produce output, available in ascending order: debug, info, warn, error | info |
| logger.file_name_prefix | file_name_prefix | The prefix of the log filename. A unique timecode and “.log” will automatically be appended to this prefix. The prefix can contain both the path and the prefix of the log file. | "" |
| site.port | port | Port on which the service is accessible | 8080 |
| site.host | host | Hostname on which the service is accessible | localhost |
| rate_limit.requests_per_sec | RateLimit.RequestsPerSec | The average number of requests that are handled per second, before requests are queued up. (Number of tokens added to the token bucket per second 2) | 300 |
| rate_limit.burst_limit | RateLimit.BurstLimit | The number of requests that can be handled in a short burst before rate limiting kicks in (Maximum number of tokens in the token bucket 2). | 10 |
| response_timeout | response_timeout | The maximum time of a request between the System Controller and a component before the request is timed out | 5000ms |
| cors.allowed_origins | allowed_origins | Comma-separated list of origin addresses that are allowed | ["*"] |
| cors.allowed_methods | allowed_methods | Comma-separated list of HTTP methods that the service accepts | [“GET”, “POST”, “PUT”, “PATCH”, “DELETE”] |
| cors.allowed_headers | allowed_headers | Comma-separated list of headers that are allowed | ["*"] |
| cors.exposed_headers | exposed_headers | Comma-separated list of headers that are allowed for exposure | [""] |
| cors.allow_credentials | allow_credentials | Allow the xKHR to set credentials cookies | false |
| cors.max_age | max_age | How long the preflight cache is stored before a new must be made | 300 |
| custom_headers.[N].key | key | Custom headers, the key of the header, e.g.: Cache-Control | None |
| custom_headers.[N].value | value | Custom headers, the value to the key of the header, e.g.: no-cache | None |
| allow_any_version | allow_any_version | Allow components of any version to connect. When set to false, components with another major version than the System Controller will be rejected | false |