Server

Server is one of the key Flopsar components, which is responsible for managing the entire Flopsar environment. It is a single, binary file flopsar-server.

CLI

The Flopsar server has a few command line options. All the available options of the server can be listed by executing the command:

$ flopsar-server --help

Configuration

All the server settings are configured in a file settings.yml. This file contains the following default settings:

settings.yml
eula: false
name: my environment
data: /path/to/data
max_ext_size: 1MiB
agent:
  server_ip: 0.0.0.0
  server_port: 9000
ui_srv:
  server_ip: 0.0.0.0
  server_port: 9443
ssl:
  enable: true
  cert: server.crt
  key: server.pem
logger:
  backend: Local
  max_size: 50MiB
  max_files: 5
archive:
  enable: false
  policy: purge
  start_at: 03:00:00.0
  retention: 3days
pass_policy:
  enable: false 
  min_len: 8
  digits: false 
  special_chars: false
  capital_letters: false
  forbidden_chars: ''

eula

This option must be set to true, otherwise the server will not run. This is the EULA accept flag.

name

Name of the environment.

data

This option sets a path to the Flopsar environment directory.

max_ext_size

This option sets a maximal size of an extension jar file.

agent

This option sets a server socket address, which is used by agents to connect to the server.

  • server_ip - specifies the IP address (CIDR format), on which the server is to listen for TCP/IP connections from agents. Only agents should connect to this address. If you want the server to listen on all interfaces, put 0.0.0.0 value.

  • server_port - specified the IP port, on which the server is to listen for TCP/IP connections from agents.

ui_srv

This option sets a server socket address, which is used by workstation clients to connect to the server.

  • server_ip - specifies the IP address (CIDR format), on which the server is to listen for TCP/IP connections from workstation clients. Only workstation clients should connect to this address.

  • server_port - specified the IP port, on which the server is to listen for TCP/IP connections from workstation clients.

ssl

This option switches on/off encryption on the workstation clients connections. Please note, agent-server connections are not encrypted.

  • enable - if set to true, enables the SSL encryption. If set to false, disables it.

  • cert - the server certificate file name.

  • key - the server private key file name.

The SSL files must be stored in the ssl directory.

logger

This option manages the server logger.

  • backend - one of the two backend for loggers: Local or Syslog.

    • When Local is specified, the server log files will be stored in the log directory.

    • When Syslog is specified, the logs will be managed by the syslog. In this case, both options max_size and max_files are ignored.

  • max_size - maximal size a logger file can reach. When the value is reached, the logger file is rolled.

  • max_files - maximal number of logger files. The oldest file is overwritten, so that the maximal number files is maintained according to this option value.

archive

This option manages data archiving.

  • enable - if set to true, enables the data archiving feature. If set to false, disables it.

  • policy - if set to purge, removes all the old data. If set to archive, backup the data.

  • start_at - sets a time of day the archive procedure should start. The time of day is specified in the format HH:MM:SS.m

  • retention - sets the data retention.

pass_policy

This option allows you to configure the password requirements for your system. It provides several parameters to define the desired policy.

  • enable - if set to true, enables the passwords policy feature. If set to false, disables it.

  • min_len - sets a requirement for the minimal password length.

  • digits - if set to true, passwords must have at least one digit.

  • special_chars - if set to true, passwords must have at least one special character.

  • capital_letters - If set to true, passwords must have at least one capital letter.

  • forbidden_chars - this parameter allows you to specify a list of characters that are not allowed in passwords. If any of the specified characters are found in a password, it will be considered invalid. If the parameter is empty, all characters are allowed in passwords.

File System

The server stores all of its data in a <server_home> directory, which has the following structure:

<server_home>
/arch
/logs
/storage
/web
/var

Storage

Flopsar makes use of a hybrid approach, which incorporates both SQL database and a custom engine storage. The engine storage is used to store the data while the SQL datatabse to store configuration data.

Data Archiving

The Data Archiving feature serves as a valuable tool to effectively manage the volume of your database. By enabling this feature, a daily execution is scheduled at the specified time. This process, governed by the chosen policy, facilitates either data purging or data archiving.

To exclusively retain recent data while disregarding older records, simply configure the system to adopt the purge policy as specified in the configuration file. Alternatively, opt for the archive policy, which entails compressing the data and relocating it to the designated <server_home>/arch directory. The archived data is stored within a zip file, encompassing invocations, key-value data, and their corresponding symbols.

Data Restoring

All the archive files can be used to restore the Flopsar environment. Suppose you have the ARCHIVE.zip file created during the archive procedure. You will need the workstation application also. In order to create a new local environment, just to explore the archive data, you must execute the following command:

$ flopsar-server create --archive ARCHIVE.zip --app flopsar-workstation.zip <TARGET_DIR>

This operation will create a new environment in the <TARGET_DIR> directory. To access this environment, you must execute the following command:

$ flopsar-server local <TARGET_DIR> 

This command will start the Flopsar server in a local mode, which is used only for data access purposes. Then you should be able to access the environment at the address https://localhost:9443

Last updated