# Server

Server is one of the key Flopsar components, which is responsible for managing the entire Flopsar environment. It is a single, binary file `flopsar-server`.&#x20;

## CLI

The Flopsar server has a few command line options. All the available options of the server can be listed by executing the command:

```shell-session
$ flopsar-server --help
```

## Configuration

All the server settings are configured in a file `settings.yml`. This file contains the following default settings:

<pre class="language-yaml" data-title="settings.yml"><code class="lang-yaml"><strong>eula: true
</strong><strong>data: /path/to/data
</strong><strong>agent:
</strong>  server_ip: 0.0.0.0
  server_port: 9000
ui:
  server_ip: 0.0.0.0
  server_port: 9443
ssl:
  enable: true
  cert: server.crt
  key: server.pem
logger:
  max_size: 50MiB
  max_files: 5
archive:
  enable: false
  policy: purge
  start_at: 03:00:00.0
  retention: 3days
pass_policy:
  enable: true 
  min_len: 8
  digits: true 
  special_chars: false
  capital_letters: false
  forbidden_chars: ''
</code></pre>

#### `eula`

This option must be set to `true`, otherwise the server will not run. This is the EULA accept flag.

#### `data`

This option sets a path to the Flopsar environment directory.

#### `agent`

This option sets a server socket address, which is used by agents to connect to the server.

* `server_ip` - specifies the IP address (CIDR format), on which the server is to listen for TCP/IP connections from agents. Only agents should connect to this address. If you want the server to listen on all interfaces, put `0.0.0.0` value.
* `server_port` - specified the IP port, on which the server is to listen for TCP/IP connections from agents.&#x20;

#### `ui`

This option sets a server socket address, which is used by workstation clients to connect to the server.

* `server_ip` - specifies the IP address (CIDR format), on which the server is to listen for TCP/IP connections from workstation clients. Only workstation clients should connect to this address.
* `server_port` - specified the IP port, on which the server is to listen for TCP/IP connections from workstation clients.&#x20;

#### `ssl`

This option switches on/off encryption on the workstation clients connections. Please note, agent-server connections are not encrypted.

* `enable` - if set to `true`, enables the SSL encryption. If set to `false`, disables it.
* `cert` - the server certificate file name.
* `key` - the server private key file name.

The SSL files must be stored in the `ssl` directory.

#### `logger`

This option manages the server logger.

* `max_size` - maximal size a logger file can reach. When the value is reached, the logger file is rolled.
* `max_files` - maximal number of logger files. The oldest file is overwritten, so that the maximal number files is maintained according to this option value.

#### `archive`

This option manages [data archiving](#data-archiving).

* `enable` - if set to `true`, enables the data archiving feature. If set to `false`, disables it.
* `policy` - if set to `purge`, removes all the old data. If set to `archive`, backup the data.
* `start_at` - sets a time of day the archive procedure should start. The time of day is specified in the format `HH:MM:SS.m`
* `retention` - sets the data retention.

**`pass_policy`**

This option allows you to configure the password requirements for your system. It provides several parameters to define the desired policy.

* `enable` - if set to `true`, enables the passwords policy feature. If set to `false`, disables it.
* `min_len` - sets a requirement for the minimal password length.
* `digits` - if set to `true`, passwords must have at least one digit.
* `special_chars` - if set to `true`, passwords must have at least one special character.
* `capital_letters` - If set to true, passwords must have at least one capital letter.
* `forbidden_chars` - this parameter allows you to specify a list of characters that are not allowed in passwords. If any of the specified characters are found in a password, it will be considered invalid. If the parameter is empty, all characters are allowed in passwords.&#x20;

## File System

The server stores all of its data in a `<server_home>` directory, which has the following structure:

{% code title="\<server\_home>" %}

```
/arch
/logs
/storage
/web
/var
```

{% endcode %}

## Storage

Flopsar makes use of a hybrid approach, which incorporates both SQL database and a custom engine storage. The engine storage is used to store the data while the SQL datatabse to store configuration data.

### Data Archiving

The Data Archiving feature serves as a valuable tool to effectively manage the volume of your database. By enabling this feature, a daily execution is scheduled at the specified time. This process, governed by the chosen policy, facilitates either data purging or data archiving.

To exclusively retain recent data while disregarding older records, simply configure the system to adopt the `purge` policy as specified in the configuration file. Alternatively, opt for the `archive` policy, which entails compressing the data and relocating it to the designated `<server_home>/arch` directory. The archived data is stored within a zip file, encompassing invocations, key-value data, and their corresponding symbols.