The Link configuration file (config.yaml)
For a Link installation, configuration information is provided in the config.yaml file.
The config.yaml contains several YAML mappings. The value of a key of such a mapping may itself be a YAML mapping. In this documentation, JSON Pointer strings are used to refer to the value of a key value of a YAML mapping. For example, /mongo/auth/ password refers to the value of the MongoDB password which should be used to access the MongoDB database which Link uses for design data. Alternatively, dot notation may be used for the same purpose, for example mongo.auth.password.
Configuration file syntax validation
flowcmdserver -vConfiguration file expansion expressions
Two kinds of expansion expressions allow values to be provided in the config.yaml configuration file from another source. An expansion expression is allowed as the value of a key-value pair of a YAML mapping.
Environment variable expression
Environment variable substitution is performed at run-time only. An
expansion expression of the following form is replaced with the value of the named
environment variable: ${env:<environment variable name>}
For example, the value ${env:DTXHOME} would be replaced
with the value of the environment variable DTXHOME. If the environment variable is
not defined, then the expansion expression is replaced with the empty string.
Master Key File (MKF) expansion
To allow the inclusion of sensitive data, a Master Key File (MKF) encryption expansion expression is replaced at run- time and install-time with its decrypted value. The MKF encryption expansion expression should have been produced using a tool which is provided for this purpose. See the following description of the available tools given below.
${enc_mkf: mk_id=<master key ID>, check_id=<encryption check data>,
iv=<encryption initialization vector>, data=<encrypted data>}The master key which is used for encryption determines the encryption algorithm which is used to encrypt the data.
A default MKF file is provided with a Link installation. A new MKF file can be created and used instead of the default file. See the sections on MKF files in the “Variables” documentation for information about creating a master key file.
A configuration property value can be encrypted in both Windows and Linux installations of Link. Encryption can be performed in place. This means that the value is read from the config.yaml file and replaced with an MKF encryption expansion expression. Alternatively, a value to be encrypted can be provided in a command line. The encryption tools use a JSON Pointer string to refer to the configuration property value to be encrypted.
For a Windows installation:
-
Open an administrator shell, and change the working directory to
<installation root>/DesignServer -
Execute the following script using either the -inplace option or not.
-
encryptproperty.bat -inplace <JSON Pointer config.yaml path> -
encryptproperty.bat <JSON Pointer config.yaml path> <string to encrypt>
-
For a Linux installation:
-
Under an appropriate user, open a shell.
-
Execute command Link encrypt with the appropriate arguments. For example, from the installation root directory, execute one of:
-
./Link encryptproperty -inplace <JSON Pointer config.yaml path> -
./Link encryptproperty <JSON Pointer config.yaml path> <string to encrypt>
-
Enable basic authentication
- Edit the config.yaml file (on Windows usually under
C:\HCL\Link_1.2.0\config), locate all instances of
the '
basicAuthEnabled' property and set it to true. For example:Server:basicAuthEnabled: trueRest:basicAuthEnabled: true - Restart link