Server configuration

Dropwizard 2.0 is used to start and configure Jetty and to parse and validate the command line and configuration file. This is only mentioned here as the Dropwizard Configuration Reference lists and explains the base settings that can be used in the configuration file.

Changed in version 5.0: The Dropwizard version was updated from 1.0 to 2.0.

Environment variables

Environment variables can be used in the YAML configuration file.

For example:

database:
  driverClass: org.postgresql.Driver
  url: jdbc:postgresql://${DATABASE_HOST}/${DATABASE_NAME}
  user: ${DATABASE_USER}
  password: ${DATABASE_PASSWORD}

Additional settings

In addition, the following properties are supported:

database

  • type: If this is a master/read-write or read-only database. Either master (default), read_only_replica, read_only_snapshot.

api

  • requestLogging: If request logging is enabled. Default is true.
  • searchHistory: If search history is updated with new searches. Default is true.
  • convertMatrixParameters: This allows matrix parameters to be translated to query parameters. Default is true

Changes in version 5.0:

  • The convertMatrixParameters setting was added.
  • The openApi2Compatible setting was removed.
  • The requestLogging and searchHistory settings were added.

secrets

The location of external private keys and credentials. Used to authenticate against storages and other endpoints. See Storage credentials for more information. Example:

secrets:
  keyStore:
    path: /env/vidispine/server.keystore
    password: changeit
  vault:
    address: http://vault.example.com:8200
    token: 2262e94c-39c3-b9a8-605d-f0450dfc558b
    keyPrefix: secret/
  file:
    path: /etc/secrets/

Java KeyStore

Java Keystore containing private keys.

  • keyStore:
    • path: The path to the Java keystore.
    • password: The key store password.

Vault

A HashiCorp Vault server storing private keys and credentials. Private keys will be read from the private_key field. Usernames and passwords from the username and password fields respectively.

  • vault:
    • address: The HTTP URL to the Vault server.
    • token: The Vault access token.
    • keyPrefix: Optional prefix to use with all aliases.

Local file system

Read private keys and credentials from files on the local file system.

Private keys will be read from the file with the same name as the private key alias. Usernames and passwords will be read from the files username and password from the directory with the same name as the alias.

  • file:
    • path: The directory containing secret files.

broker

Configures how to connect to ActiveMQ.

  • user: The user to authenticate as.
  • password: The password to authenticate using.
  • url: Default is tcp://localhost:61616.
  • embeddedBroker: The broker URI to use to start an embedded broker. For example broker:(tcp://localhost:61616). Default is “” (no embedded broker).

Note

If you are using embedded ActiveMQ with KahanDB, the KahanDB journal log could keep growing if there are expired messages in the queue “ActiveMQ.DLQ”.

To fix this, you will need to enable JMX in the broker URI , and purge the queue manually using activemq-admin.

embeddedBroker: broker:(tcp://localhost:61616)?usekahadb=true&kahadb.directory=/path/to/db/&persistent=true&useJmx=true
./activemq-admin -Dactivemq.jmx.url=service:jmx:rmi:///jndi/rmi://localhost:1099/jmxrmi purge ActiveMQ.DLQ

Or setup a standalone ActiveMQ instance, and set processExpired=”false”

http://activemq.apache.org/message-redelivery-and-dlq-handling.html

ejbPool

These settings configures the stateless container in OpenEJB. They are explained in more detail at http://tomee.apache.org/containers-and-resources.html.

  • maxSize: The maximum number of beans in the stateless bean pool. Default is 10.
  • idleTimeout:
  • strictPooling: If the pool may NOT grow larger then maxSize. Default is false.

transaction

New in version 5.4.

These settings configure the transaction manager.

  • defaultTimeout - The default transaction timeout to use for transactions (in seconds). Default is 600.

cluster

  • bindAddress: The address to bind on, as an IP address or hostname. Default is 127.0.0.1.
  • bindPort: The port to bind on. Default is 7800.
  • bindPortRange: The range of ports to try in case bindPort is taken. Default is 30.
  • externalAddress: The address to publish to members in the cluster. Default is bindAddress.
  • externalPort: The port to publish to members in the cluster. Default is the port that was bound on.

services

Background tasks, such as jobs and storage polling, are executed in the background by internal services in Vidispine.

The services that are allowed to run on this server instance can be configured using the enabled or disabled settings. These are mutually exclusive, meaning that you cannot specify both services to enable and disable at the same time.

  • services:
    • enabled: The services that are allowed to run on this instance. All other services will not be allowed to run.
    • disabled: The services that are not allowed to run on this instance. All other services will be allowed to run.

The following values are supported:

  • all: All services in the system.
  • job: The services that execute Vidispine jobs.
  • The name of a specific Vidispine service.

For example, an instance that should only serve API requests could be configured using:

services:
  disabled: all

javascript

New in version 5.0.

Settings related to JavaScript script execution.

  • javascript:
    • bindHost: The host that should be used when debugging JavaScript. This setting takes precedence over the debugJavaScriptPort configuration property. Default is localhost if port is specified, else it’s null.
    • port: The port that should be used when debugging JavaScript. This setting takes precedence over the debugJavaScriptPort configuration property. Default is 59000 if bindHost is specified, else it’s null.

httpClient

New in version 4.15.

These settings configure how HTTP requests are made. This includes requests made to for example:

  • Storages using HTTP/HTTPS
  • HTTP notification endpoints
  • Transcoders
  • Vidinet

apm

New in version 5.1.

Changed in version 5.4: The maxSpans setting was added.

Configure application performance monitoring using Elastic APM.

apm:
  elastic:
    urls: ["https://localhost:1234/"]
    secretToken: secret
    serviceName: vidispine
    serviceVersion: 5.0
    environment: staging
    sampleRate: 1
    maxSpans: 500
  • apm.elastic:
    • urls: One or more URLs to the Elastic APM server(s).
    • secretToken: The secret token used to authenticate with the APM server(s).
    • serviceName: Groups all traces together by labeling using a common service name. It must conform to the following regular expression: ^[a-zA-Z0-9 _-]+$.
    • serviceVersion: An optional, arbitrary, version string of the application.
    • environment: An optional, arbitrary, string describing the environment of the application.
    • sampleRate: An optional number between 0.0 and 1.0 which controls the amount of traces sent to the APM servers. 1.0 means that all traces are sent. Consider lowering this value to reduce the overhead of the tracing. Defaults to 1.0.
    • maxSpans: An optional number which controls the amount of spans that is sent to the APM servers. In case of transactions that create a lot of spans e.g. lot of SQL queries then this might need to be increased to be able to see all of them. Defaults to 500.

TLS

Configure the server certificates to trust (the trust store) and the client certificates and keys to use (the key store) when using TLS client authentication.

Note that, if no tls field is present in the configuration file, then by default all server certificates will be trusted. However, if a tls fields is defined then the defaults defined in the configuration reference apply (trustSelfSignedCertificates=false for example).

For example:

httpClient:
  tls:
    keyStorePath: /etc/vidispine/keystore.jks
    keyStorePassword: ueLom5Oh
    trustStorePath: /etc/vidispine/truststore.jks

VSA

New in version 5.1.

Changed in version 21.3.

vsaconnection:
  bindPort: 8183
  clusterConnect: false
  enabled: true
  forwardPortRange: 45700-45899
  • vsaconnection:
    • bindPort: Port to bind to for SSH-connection of VSA. The same a port in Register a server agent.
    • clusterConnect: Set this to true for clustered environments. The VSA will connect to one VidiCore instance, and the other nodes will connect to the first one.
    • enabled: If VSAs should be allowed to connect to VidiCore.
    • forwardPortRange: Local port numbers for ports that are forwarded by the VSA connection. In a clustered environment, these ports must be reachable for other nodes in the cluster.