Management Console configuration file in detail
Management Console configuration file location
resilio-connect-server.conf configuration file's location depends on the operating system:
- Windows:
C:\ProgramData\Resilio\Connect Server\resilio-connect-server.conf - Linux:
${resilio_connect_server_dir}/var/resilio-connect-server.conf
Note
- The configuration file is in JSON format. When editing it, make sure to follow proper JSON syntax so the Management Console can parse it successfully.
- Stop the Management Console service before you edit the configuration file.
Below are the most commonly used parameters in the configuration file.
Sections and parameters in the configuration file
loggers section
Contains settings for log file rotation.
| Field | Default value | Purpose |
|---|---|---|
maxsize |
104857600 |
In bytes. The size of the debug log (common.log). When it reaches this size, it is archived. |
maxFiles |
10 |
Number of archived log files the Console retains. Older files are deleted. |
tailable |
true |
New events are appended to the file (tailable behavior). |
events_server section
The event logger records file operations performed by Agents on clients. For more information on events and logging, see Events.
| Field | Default value | Purpose |
|---|---|---|
maxFiles |
40 |
Maximum number of files stored by the event logger. |
protocol |
https |
Protocol used by clients to connect to the event server. |
maxsize |
10485760 |
Maximum file size. When exceeded, the event logger creates a new file, up to maxFiles. |
host |
0.0.0.0 or :: |
Interface used by the event logger for incoming connections. 0.0.0.0 and :: mean the logger listens on all available interfaces for IPv4 and IPv6, respectively. |
port |
8445 |
Port used by the event logger for incoming connections. |
peerServer section
The peerServer section contains settings used by clients to connect, report status, and receive a new set of settings from the Resilio Management Console.
| Field | Default value | Purpose |
|---|---|---|
tls |
{"cert": "certs/peer.crt","key": "certs/peer.key"} (not present by default) "secureProtocol": "TLSv1_2_method", "ciphers": [ "ECDHE-ECDSA-AES128-SHA256", "ECDHE-ECDSA-AES128-GCM-SHA256", "ECDHE-ECDSA-AES256-GCM-SHA384", "ECDHE-RSA-AES128-SHA256", "ECDHE-RSA-AES128-GCM-SHA256" ] |
Path to Management Console custom certificate and private key, used for establishing SSL connections. For more information on using a custom certificate, see Running Management Console with custom digital certificate. The section also contains information about cipher suites used for securing connection between Agents and the Management Console (MC). Select ciphers have been deprecated in Resilio Active Everywhere 4.1 and are not available in clean installations. For more information, see Configuring TLS Encryption for Management Console. |
host |
0.0.0.0 or :: |
Interface used by the Resilio Management Console for incoming connections. 0.0.0.0 and :: mean the Console listens on all available interfaces for IPv4 and IPv6, respectively. |
port |
8444 |
Port used by the Resilio Management Console for incoming connections. |
https section
The https section contains settings used by an admin to connect to the Resilio Management Console web UI.
| Field | Default value | Purpose |
|---|---|---|
ssl |
{"cert": "path/to/web.crt", "key": "path/to/web.key"}, (not present by default) "secureProtocol": "TLSv1_2_method", "ciphers": [ "ECDHE-ECDSA-AES128-SHA256", "ECDHE-ECDSA-AES128-GCM-SHA256", "ECDHE-ECDSA-AES256-GCM-SHA384", "ECDHE-RSA-AES128-SHA256", "ECDHE-RSA-AES128-GCM-SHA256" ] |
Path to the Management Console custom certificate and private key, used for accessing the web UI over SSL. For more information, see Running Management Console with custom digital certificate. The section also contains information about cipher suites used for securing connection to the Management Console web UI. Select ciphers have been deprecated in Resilio Active Everywhere 4.1 and are not available in clean installations. For more information, see Configuring TLS Encryption for Management Console. |
host |
0.0.0.0 or :: |
Interface used by the web UI for incoming connections. 0.0.0.0 and :: mean the Management Console listens on all available interfaces for IPv4 and IPv6, respectively. |
port |
8443 |
Port used by the web UI for incoming connections. |
backup section
The backup section contains settings for backing up all Resilio Management Console data as well as the cleanup schedule.
| Field | Default value | Purpose |
|---|---|---|
ttl |
30 |
Time in days to store backups. |
cleanup |
0 0 6 * * * |
Schedule to clean up old backups. |
schedule |
0 0 6 * * * |
Schedule to perform backups. |
"path" |
"data/server_backup" |
Backups location. |
Schedule format
The 0 0 6 * * * schedule format is similar to crontab but with six fields (second, minute, hour, day of month, month, day of week). So 0 0 6 * * * indicates a daily backup at 6:00 AM.
reporting section
| Field | Default value | Purpose |
|---|---|---|
dir |
data/reporting/daily | Name of the directory where event databases are stored. |
ttl |
1209600000 (N_Days_a_Year * Milliseconds_a_Day) |
Number in milliseconds for how long event databases are stored. Put this parameter on the next level under reporting. |
usersSecurity section
Info
The usersSecurity section is included by default in Resilio Active Everywhere 2.11 and newer. If your Management Console was upgraded from an earlier version, you can add this section manually to your configuration file.
| Field | Default value | Purpose |
|---|---|---|
passwordExpirationDaysPeriod |
120 |
Sets the expiration of a user's password, in days. Values less than 1 day or greater than 1825 days (5 years) are not allowed and are treated as 120 days instead. |
numPreviousPaswordsChecks |
10 |
Number of previously used passwords that will be stored and checked to enforce a unique password policy. For more information on passwords, see Password complexity policy. |
diskSpaceLevels section
Controls when low storage warnings are reported. A warning is issued when either threshold-space or ratio-is reached. When available storage reaches the low level, Agents send only error-type events. When available storage reaches the critical level, Agents stop sending events.
| Field | Default value | Purpose |
|---|---|---|
space |
1073741824 for low536870912 for critical |
In bytes. When that many free bytes remain on the storage, the Management Console will report a warning (low) or an error (critical), respectively. |
ratio |
0.05 for low0.02 for critical |
If only 5% or 2% of free space remains, the Management Console will report a warning (low) or an error (critical), respectively. |
apiGateway section
Info
Applicable to Resilio Active Everywhere 3.8 and newer.
Enabling the API gateway allows scaling request handling and preserves performance under heavy load.
| Field | Default value | Purpose |
|---|---|---|
enabled |
true |
Enabled by default for new Management Console deployments. Remains disabled for instances upgraded from older versions. |
porthost |
84460.0.0.0 |
By default, the API worker listens on port 8446 on all interfaces. |
api section
Controls the time to live for API tokens created for LDAP users using the API_tokens - Create API token for ldap user API request.
| Field | Default value | Purpose |
|---|---|---|
token_ttl |
0 |
Expressed in milliseconds. Time to live for API tokens created for LDAP users using the API_tokens - Create API token for ldap user API request. When set to 0, tokens do not expire. |
networkPolicy section
Controls network-related Management Console settings.
| Field | Default value | Purpose |
|---|---|---|
rebuildMapDelay |
60000 |
Expressed in milliseconds. Time interval between network policy connections map reconstruction. |
Other sections and miscellaneous parameters
winstonsection is used for Resilio Management Console and database logs. It is advised not to change the default values.logs-storagecontains the relative path to store debug logs collected by the Management Console from Agents.dbsection contains the path to the Resilio Management Console database.systemsection contains the path to the file where the Resilio Management Console records its PID when started.agentWorkerssection enables adding workers to the main MC process for heavily loaded systems. For more information, see Increasing Management Console Worker Threads.security- Not included by default. You can add it to address the following:- Disable local user accounts. For more information, see Disabling local user Accounts on Management Console.
-
Enable CSP (v4.1.0 and newer)