Jetconf configuration is set as
.conf text file in YAML format loaded by Jetconf on startup.
Jetconf configuration has two types sections, common sections and application-specific sections.
Common sections are configuring core Jetconf settings available in any running same version of Jetconf. It do not depend on the Jeconf backend package.
GLOBAL: TIMEZONE: "Europe/Prague" LOGFILE: "-" PIDFILE: "/tmp/jetconf.pid" PERSISTENT_CHANGES: true LOG_LEVEL: "info" LOG_DBG_MODULES: ["usr_conf_data_handlers", "data"] YANG_LIB_DIR: "yang-data/" DATA_JSON_FILE: "data.json" VALIDATE_TRANSACTIONS: true CLIENT_CN: false BACKEND_PACKAGE: "jetconf_jukebox"
A timezone of the Jetconf server. This is necessary because all timestamps returned in HTTP response headers need to be returned in GMT.
A location of Jetconf’s log file. This can be either a
path on the filesystem or a
If configured as a
-, Jetconf server will run in foreground and all logging information will
be written to stdout (suitable for testing).
A location of Jetconf’s process ID file.
This option specifies if the changes commited to datastore will also be synchronized to the filesystem
(JSON file defined by the
DATA_JSON_FILE option). It should be set to true in most cases, but can be turned
off for i.e. testing purposes. If turned off, the Jetconf datastore will contain exactly the same initial
data at every startup.
Defines the Jetconf’s log verbosity. Possible values are:
LOG_LEVEL is set to
debug, this options defines list of Python modules which will write out debugging information.
This is useful to prevent flooding the log with debugging messages from irrelevant modules.
I.e. when debugging
"usr_conf_data_handlers" module, you may not be interested with debug
information from the
"nacm". Can be set to wildcard
Specifies the location of YANG library. This is the directory containing
it must also contain the
"yang-library-data.json" file with configuration and description of
all present YANG modules.
A path to JSON file containing the datastore data. This file will be loaded at Jetconf startup.
PERSISTENT_CHANGES option is set to true, all changes made to the datastore will be also stored
to this file.
This option defines if the datastore data should be validated according to YANG data model after a transaction is commited. It should be set to true except for testing and debugging purposes.
If enabled, Jetconf will use
commonName to identify users.
By default Jetconf is using
emailAddress to identify users.
This option selects the package with backend bindings that Jetconf will use. An exact name of the Python package has to be specified here, and also the package has to be installed in Python’s environment.
HTTP_SERVER: DOC_ROOT: "doc-root" DOC_DEFAULT_NAME: "index.html" API_ROOT: "/restconf" API_ROOT_STAGING: "/restconf_staging" SERVER_NAME: "jetconf-h2" UPLOAD_SIZE_LIMIT: 1 LISTEN_LOCALHOST_ONLY: false PORT: 8443 DISABLE_SSL: false SERVER_SSL_CERT: "server.crt" SERVER_SSL_PRIVKEY: "server.key" CA_CERT: "ca.pem" DBG_DISABLE_CERTS: false
A root directory where regular files will be placed.
All HTTP GET requests outside
API_ROOT are considered as requests for regular files on filesystem.
A default filename in DOC_ROOT and its subdirectories.
Defines the base URI of RESTCONF data. All requests for resources inside API_ROOT will be considered as RESTCONF requests.
It is usually not needed to change this value. Example:
"/restconf" -> https://localhost/restconf/ns:some_resouce
Same as above, except this is for staging data (data edited by user, but not commited yet).
A value returned in
"Server: " header of HTTP response.
A maximum size of incoming data in
POST body (in megabytes), which the server can handle.
If set to
true, the Jetconf HTTP server will only accept incoming connections from localhost.
The TCP port of Jetconf server.
If enabled, the user authentication system based on client certificates will be turned off and user data
will be parsed from HTTP headers. For instance, this change allows you to run Jetconf behind a
load balancer where the TLS connection is terminated and http request is forwarded to
Jetconf server with relevant headers. Can be combined with
The location of server SSL certificate in PEM format.
The location of server SSL private key in PEM format.
The location of certification authority certificate, which is used for issuing client certificates.
If enabled, the user authentication system based on client certificates will be turned off
and every incoming connection will default to “test-user” username. This should never be turned
on in real environment, it is only intended for testing and benchmarking purposes
(no HTTP/2 benchmarking tools support client certificates at this moment).
Can be combined with
Application-specific sections are configuring additional Jetconf settings available in specific implementation Jetconf. Depends on Jeconf backend package. Typically it configures Jetconf backend settings, that have to be defined by backend developer.
For instance, configuration required by knot-jetconf backend package.
KNOT: SOCKET: "/tmp/knot.sock"
A path to KnotDNS control socket.