Difference between revisions of "Settings"
Line 280: | Line 280: | ||
This parameter should be set to true once you expect no changes in the network configuration of HSYCO Server. | This parameter should be set to true once you expect no changes in the network configuration of HSYCO Server. | ||
+ | |||
+ | === Network === | ||
+ | |||
+ | |||
+ | '''HTTPServerPort''' | ||
+ | |||
+ | '''Default:''' | ||
+ | |||
+ | '''Format:''' integer number < 65535 | ||
+ | |||
+ | |||
+ | TCP/IP port of HSYCO HTTP Web Server. If not defined, the HTTP server is not enabled. | ||
+ | |||
+ | Normally set to 80. | ||
+ | |||
+ | |||
+ | '''HTTPSSLServerPort''' | ||
+ | |||
+ | '''Default:''' | ||
+ | |||
+ | '''Format:''' integer number < 65535 | ||
+ | |||
+ | |||
+ | TCP/IP port of HSYCO HTTPS Web Server. | ||
+ | |||
+ | If not defined, the HTTPS server is not enabled. | ||
+ | |||
+ | Normally set to 443. | ||
+ | |||
+ | |||
+ | '''SysLogServerPort''' | ||
+ | |||
+ | '''Default:''' | ||
+ | |||
+ | '''Format:''' integer number < 65535 | ||
+ | |||
+ | |||
+ | TCP/IP port of HSYCO SYSLOG Web server. | ||
+ | |||
+ | The SYSLOG server is used to receive from the Access Points (AP) the information to determine which AP every user in the Wi-Fi LAN is using to connect. | ||
+ | |||
+ | If not defined, the SYSLOG server is not enabled. | ||
+ | |||
+ | It is usually set to 514. | ||
+ | |||
+ | |||
+ | '''ServerName''' | ||
+ | |||
+ | '''Default:''' hsyco | ||
+ | |||
+ | '''Format:''' domain name | ||
+ | |||
+ | |||
+ | Name used to generate the SSL certificate. | ||
+ | |||
+ | It is necessary for the cryptography of the HTTPS Web traffic and should correspond to the domain name through which the HSYCO server is accessed via the Internet. | ||
+ | |||
+ | The certificate is saved in the hsyco.keys file. | ||
+ | |||
+ | When HSYCO is started, if this file is not available or its name doesn’t match the ServerName parameter in hsyco.ini, a new SSL certificate is automatically generated according to the name defined in ServerName. | ||
+ | |||
+ | |||
+ | '''OffLineCache''' | ||
+ | |||
+ | '''Default:''' false | ||
+ | |||
+ | '''Format:''' false | true | ||
+ | |||
+ | |||
+ | HSYCO implements the off-line cache feature of the Web browsers that support the HTML 5.0 standard. | ||
+ | |||
+ | To enable the off-line storage on the Web browser of all HSYCO HTML static content, set this parameter to true. | ||
+ | |||
+ | |||
+ | '''HTTPServerThreads''' | ||
+ | |||
+ | '''Default:''' 256 | ||
+ | |||
+ | '''Format:''' positive integer number | ||
+ | |||
+ | |||
+ | Sets the total number of processing threads for the HTTP and HTTPS internal web servers. | ||
+ | |||
+ | You should change this parameter only when you have a very large number of active web clients. | ||
+ | |||
+ | Web browsers normally use only a few (up to about 6) concurrent connections for each session, and the default should be fine to support up to at least 40 active clients. | ||
+ | |||
+ | When the HTTP and HTTPS servers run low of threads, some clients could see their requests rejected, causing page load errors or becoming unresponsive. | ||
+ | |||
+ | In this case you should see “too many connections” error messages in HSYCO’s log files. | ||
+ | |||
+ | {{tip|Increasing this parameter also increases memory and I/O resources requirements to the underlying operating system.}} |
Revision as of 15:46, 24 February 2014
HSYCO can be configured using the Settings application in the Manager.
Settings stores all configuration parameters in the hsyco.ini file.
You can copy this file to save the current configuration, or manually change it. In this case, be sure to reopen the Settings application after the changes have been saved.
The configuration is read at start-up, so any changes become effective only after restarting the HSYCO process.
HSYCO is factory configured to automatically restart when hsyco.ini is saved.
When you make changes using Settings, the hsyco.ini file will be overwritten when you press the Save button.
You can’t return to the previous configuration once it is saved.
The Revert button allows you to reload the current configuration if you have made changes in Setting that have not yet been saved.
Settings parameters are grouped in several sections.
You can make changes to any parameter, even in different sections, and then save all changes together.
Contents
System
The Systems section contains all general configuration parameters, including vital parameters affecting system’s security and reliability.
These parameters are further split in several sub-sections.
General
URLKey
Default: hsycoserver
Format: string of at least 8 characters
To protect against malicious service discovery robots, HSYCO does not answer to Web requests where only the server address is defined, for example https://192.168.0.50, but requires an extended URL, which must include an access key, called URLKey.
The URLKey must be at least 8 characters long.
It is possible to specify more than one URLKEY, separated by a comma; in this case all the specified URLKEYs will be valid for the web access to HSYCO.
The factory default URLKey is hsycoserver.
The URLKey is not a secret password, but only an additional protection feature.
Language
Default: en
Format: cn | en | fr | it
Some I/O Servers and other core services use localized text messages. This parameter defines the default system language for these services.
AutoKillFiles
Default:
Format: list of file names separated by commas
This parameter is usually set as: "hsyco.ini,hsyco.jar,com/hsyco/user.class" forcing the automatic restart after the changes of the three files listed.
DatabaseBackup
Default: false
Format: false | true
When set to true, a hot backup of the core database is automatically executed on a daily basis, saving data in the data_backup directory, and overwriting the previous backup files.
StartupDelay
Default: 0
Format: 0 or positive integer number of seconds
When set to a positive number, the HSYCO server will wait for the specified number of seconds at start-up before becoming active.
This start-up delay could be useful to prevent HSYCO from starting before other peripherals or devices, like external storage systems, are completely initialized.
ExceptionWatchdog
Default: 5
Format: positive integer number
After N uncaught Java execution exceptions, the HSYCO server will be killed and restarted.
Set to 0 to disable the exception watchdog.
userLog
Default: false
Format: false | true
Set to true to enable the log of the Java methods called in user.java or of the commands defined in the EVENTS programming environment.
eventsLog
Default: false
Format: false | true
If true, the log of events received from field devices is enabled, for example the events related to the IO Servers.
verboseLog
Default: false
Format: false | true
If true, the extended log is enabled.
It is useful for debugging, or during the advanced customization phase or the development of Java code.
If silent, only the most serious errors will be written on the file and all the other messages will be disabled, including the events received from field devices.
securityLogDailyFiles
Default: false
Format: false | true
When set to true, the security logs are written in daily files named MMDD-security.log.
LogMaxAge
Default: 0
Format: 0, or positive integer number
Log files are automatically deleted when older than the number of days defined with this parameter.
When set to 0 or not defined, log files are not deleted automatically.
Access Control
trustedNet
Default: local
Format: local, or nn.nn.nn.nn-nn.nn.nn.nn
IP addresses that define the group of network addresses belonging to the secure local network.
It is possible to enter multiple, comma-separated IP ranges or individual IP addresses, or simply enter “local”, so that HSYCO will assume all IP addresses in the LAN as trusted.
The Web clients connecting to HSYCO from these addresses are subject to the time-out defined in KeysTrustedValidityHours, which is usually longer than the one used for all the other IP addresses, defined in KeysNotTrustedValidityHours.
KeysTrustedValidityHours
Default: 24
Format: integer > 0 or hh:mm
Login time-out in hours for the connections from trusted IP addresses.
Set on a very high value, e.g. 100000, to practically avoid the time-out of sessions.
It can also be set using the hh:mm hours and minutes format.
KeysNotTrustedValidityHours
Default: 1
Format: integer > 0 or hh:mm
Login time-out in hours for not trusted IP addresses.
It can also be set using the hh:mm hours and minutes format.
KeysInactivityHours
Default: 1
Format: integer > 0 or hh:mm
Inactivity time-out in hours.
This is an optional parameter; if not set there will be no inactivity time-out and the user session will be automatically logged out based on the login time-out only.
It can also be set using the hh:mm hours and minutes format.
KeysInactivityMode
Default: browser
Format: browser | cameras | commands
Inactivity time-out mode.
This is an optional parameter.
It is significant only when KeysInactivityHours is also defined.
In browser mode, having the Web browser open on the HSYCO page will keep the session alive.
In cameras mode the session will remain alive only when sending commands or watching cameras.
In commands mode the session will stay alive only if commands are sent before the inactivity timer expires.
HTTPServerPublicDirectory
Default: browser
Format: directory name
If defined, enables a simple Web server that serves files, without any parsing, via HTTP and HTTPS, only to clients in the trusted range of IP addresses.
This parameter sets the name of the directory, under the www root Web directory, used for the public files.
If, for example, you have HTTPServerPublicDirectory=public, and an HTML file named home.html in the public directory, then the https://192.168.0.50/public/home.html URL will point to that file.
As you see, you shouldn’t add the URLKey in public URLs.
HTTPServerLowSecurityEnabled
Default: false
Format: true | false
Usually, the HTTP server is only active to let cameras and PBX systems send motion detection and calls notifications.
To avoid the authentication keys, PIN and PUK codes and all traffic to be transmitted in the clear, the HTTP protocol is not normally used for Web access to HSYCO.
Set the parameter to true only when you want to enable the not-secure HTTP protocol for Web access to HSYCO.
WebAdminNetConfigLock
Default: false
Format: true | false
If true, the Web network settings functions are disabled.
This parameter should be set to true once you expect no changes in the network configuration of HSYCO Server.
Network
HTTPServerPort
Default:
Format: integer number < 65535
TCP/IP port of HSYCO HTTP Web Server. If not defined, the HTTP server is not enabled.
Normally set to 80.
HTTPSSLServerPort
Default:
Format: integer number < 65535
TCP/IP port of HSYCO HTTPS Web Server.
If not defined, the HTTPS server is not enabled.
Normally set to 443.
SysLogServerPort
Default:
Format: integer number < 65535
TCP/IP port of HSYCO SYSLOG Web server.
The SYSLOG server is used to receive from the Access Points (AP) the information to determine which AP every user in the Wi-Fi LAN is using to connect.
If not defined, the SYSLOG server is not enabled.
It is usually set to 514.
ServerName
Default: hsyco
Format: domain name
Name used to generate the SSL certificate.
It is necessary for the cryptography of the HTTPS Web traffic and should correspond to the domain name through which the HSYCO server is accessed via the Internet.
The certificate is saved in the hsyco.keys file.
When HSYCO is started, if this file is not available or its name doesn’t match the ServerName parameter in hsyco.ini, a new SSL certificate is automatically generated according to the name defined in ServerName.
OffLineCache
Default: false
Format: false | true
HSYCO implements the off-line cache feature of the Web browsers that support the HTML 5.0 standard.
To enable the off-line storage on the Web browser of all HSYCO HTML static content, set this parameter to true.
HTTPServerThreads
Default: 256
Format: positive integer number
Sets the total number of processing threads for the HTTP and HTTPS internal web servers.
You should change this parameter only when you have a very large number of active web clients.
Web browsers normally use only a few (up to about 6) concurrent connections for each session, and the default should be fine to support up to at least 40 active clients.
When the HTTP and HTTPS servers run low of threads, some clients could see their requests rejected, causing page load errors or becoming unresponsive.
In this case you should see “too many connections” error messages in HSYCO’s log files.
Increasing this parameter also increases memory and I/O resources requirements to the underlying operating system.