fatfingererr/fluree_sample.properties

## fluree_sample.properties
# Fluree properties

# These settings are base properties that control how Fluree operates. All of these settings can
# be over-ridden by environment variables or passing a java property flags (i.e. -Dfdb-mode=dev) at startup.
# Environment variables take precedent over java property flags which take precedent over settings in this file.


############################################################
### Base Settings

# Main 'mode' to start this instance of Fluree in.
# Can be dev, query or ledger (defaults to query).
fdb-mode=dev

# BigDecimals are not currently handled out-of-the-box by
# JavaScript applications.  This setting determines whether
# or not to encode java.Math.BigDecimal values as strings
# for query results, etc.  The default is true.
fdb-json-bigdec-string=true

############################################################
### Ledger Group Settings

# Multiple ledgers you control can work together as a group for both
# redundancy and to split database workloads.

# Consensus type = in-memory or raft (defaults to raft)
fdb-consensus-type=raft

# If this server is joining an existing network, list true (defaults to false)
#fdb-join?=false

# When adding a new server, the number of rounds to wait for the server to sync its logs.
# If it is not synced in this amount of time, this server will not be added to the network
fdb-group-catch-up-rounds=10

# Main private key for ledger group.
# We will auto-generation one if not provided, and store it at fdb-group-private-key-file.
# Take care not to lose it, or generate a new one and use it instead by executing
# FlureeDB with the command :keygen
#fdb-group-private-key=

# Path to config directory where fluree.properties, default-private-key.txt, etc. will be
# read / written. Defaults to ./
#fdb-group-config-path=./

# If fdb-group-private-key is not provided, we'll look for it in this file (in
# fdb-group-config-path).
# If not found in this file, we'll generate a default one and place it in this
# file (in fdb-group-config-path).
fdb-group-private-key-file=default-private-key.txt

# List all servers participating in ledger-group with format of server-id@host:port
# All tx-group servers should have this same config.
# Uses raft for communication, so total servers (n) can support (f) failures: n = 2f + 1,
# i.e. anything less than 3 servers can sustain no failures, 5 servers can sustain two failures.
fdb-group-servers=myserver@localhost:9790

# Specify which of the above listed server-ids is this server. Note this must be unique for every
# Server in the tx-group, and is likely easiest to supply this setting via environment variable
fdb-group-this-server=myserver

# Tx group's internal communication timeout threshold. Will initiate a leader election between this
# value and 2x this value if the leader hasn't been heard from.
# Specify as number of milliseconds, or can use units as well such as 1000ms or 1s.
# Assuming your tx-group network is local, 1000-3000 ms is a good range. Adjust as needed to avoid unintended
# leader elections
fdb-group-timeout=2000

# Tx group leader will send out a heartbeat at this interval. By default, will be 1/2 of fdb-group-timeout
# This can never be less than fdb-group-timeout, and ideally should be 1/3 to 1/2 of that value.
# A number in milliseconds can be provided, or can be used with units such as 1000ms or 1s
#fdb-group-heartbeat=

# Where to store tx-group raft log files. These logs have fairly frequent disk access.
# This is always a local filesystem path and must start with either `/` or `./`.
# Defaults to ./data/group
#fdb-group-log-directory=./data/group/

# Where to store index/block segments and raft snapshots. Replicated on every machine if using "file".
# Current options are:
# - file - on-disk and replicated on every ledger node (the default)
# - memory - stored in memory (useful for testing). Currently only supported for a single, centralized server. fdb-consensus-type must be set to 'in-memory'
# - s3 - stored in an AWS S3 bucket; some things are still stored locally for fast access
fdb-storage-type=file

# Number of historic tx-group raft logs to keep around. Can be as low as 1. Historic logs take up disk
# space but can be useful for debugging if something goes wrong. High transactional volume servers
# may want to retain extra logs as there will be more frequent rotation
fdb-group-log-history=5

# A snapshot of the current group state will be taken after this many new commits. Larger values mean larger
# log files, small values mean lots of snapshots which can be time consuming for large networks.
# Ideally somewhere in the range of 100 to 1000.
fdb-group-snapshot-threshold=200

# For file storage-type only: The root directory to put relative storage paths in.
# Can be a relative path starting with "." or an absolute path starting with "/".
# Defaults to ./data
#fdb-storage-file-root=./data

# For s3 storage-type only: Specify the AWS S3 bucket to store ledger
# (blockchain), db indexes, and raft snapshots. Make sure to specify the name
# of an S3 bucket you control, and that the database process has access to your
# credentials.
# See: https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html
#fdb-storage-s3-bucket=

# Total memory cache of index segments across all databases. This setting can be changed per-ledger.
fdb-memory-cache=200mb

# These settings apply per-database, make sure all ledgers and query peers have at least this
# much memory * number of databases you expect to be active on those servers. This setting must be
# consistent across the entire ledger group.
fdb-memory-reindex=1mb
fdb-memory-reindex-max=2mb

# How frequently to report out stats as a log entry in milliseconds, or can use shorthand
# like 2m for two minutes, 45s for 45 seconds.
fdb-stats-report-frequency=1m

# If an encryption secret (any string) is provided, Fluree will use AES Encryption when storing files to disk.
# Note all servers that will be reading files must have the same encryption secret, and if the secret is lost
# all data will be unrecoverable.
#fdb-encryption-secret=

############################################################
### HTTP API port

# Port in which the query peers will respond to API calls from clients (defaults to 8090).
#fdb-api-port=8090

# If fdb-api-open is true, will allow full access on above port for any request and will
# utilize default auth identity to regulate query/read permissions. If false, every request
# must be signed, and the auth id associated with the signature will determine query/read permissions.
fdb-api-open=false


############################################################
### Password authentication

## This is used to allow private keys to be derived from string passwords.
## This is not as secure as users maintaining their own unique private keys
## however it adds more convenience for enterprise apps using Fluree
## as their primary transaction store and who desire password authentication

# Set to true to enable pw-auth, false to disable it.
# This defaults to true, but will only work if there is a signing key for
# transactions. (which can be a default key with root access which exists
# when first starting Fluree, or can be explicitly set below with
# `fdb-pw-auth-signing-key`).  If the root private
# key no longer exists or has permission, effectively this feature is disabled
# from any new activity. If you want if off always, set to 'false' below.
fdb-pw-auth-enable=true

# Required for password auth.
# This secret is used to generate a HMAC signature that is used by
# scrypt to generate a valid private key. Every auth record uses
# a unique salt ensuring different private keys for identical passwords.
# A server must have permission to access to the salt (stored in the _auth record)
# to successfully regenerate a private key - along with the normalized password and
# the following secret. Without all 3 elements, the private key cannot be regenerated.
fdb-pw-auth-secret=fluree

# Maximum allowed expiration time per JWT token in milliseconds.
# Blank means any amount of time is valid. (86400000 ms in 24 hours, 31536000000 in 1 year)
fdb-pw-auth-jwt-max-exp=1y

# If renewal JWT tokens are allowed (blank if not allowed), maximum time from initial issuance
# a token can be renewed for in ms. To make this 'forever', use the maximum long value (9223372036854775807).
# For example, if you had a JWT token that expires after 120 seconds, but want to allow an active user
# to not be challenged for a password for up to 1 day, enter "1d" here and an unexpired token can be renewed
# as many times as desired (swapped for an 'fresh' token) so long as the original token issued from the
# password was less then this time period ago.
fdb-pw-auth-jwt-max-renewal=1y


# JWT tokens issued are secured with this secret. If empty, will
# default to use fdb-pw-auth-secret
fdb-pw-auth-jwt-secret=


# A valid Fluree private key with proper permissions must be used to sign
# any new transaction where new password auth records are created. If a
# default root key still exists and has proper permission, that will be used by default.
#fdb-pw-auth-signing-key=


############################################################
### Decentralized Ledgers

# List each auth identity private key at each network and/or database you are participating in.
# Format is private-key1@network/db,private-key2@network/db2 where the db is optional and multiple
# dbs or networks are separated by commas. If only a network is specified, the private key will be  used
# as a default for all databases on that network and it is assumed this server is participating with every database.
# i.e. fdb-ledger-private-keys=53ab638dd26d02d95214f58eb5df0b086baba584c66f6ae5b8574d722c6bc3f3@networka/dbname
#fdb-ledger-private-keys=

# List of seed servers to contact for each network/db. Like fdb-ledger-identities, the db is optional.
# Every network/db + server address combination should be separated by a comma
# i.e. fdb-ledger-servers=networka@some-domain.com:9795,networka@10.1.1.2:9795,networkb/dbname@external.dot.com:9795
#fdb-ledger-servers=
	# Fluree properties

	# These settings are base properties that control how Fluree operates. All of these settings can
	# be over-ridden by environment variables or passing a java property flags (i.e. -Dfdb-mode=dev) at startup.
	# Environment variables take precedent over java property flags which take precedent over settings in this file.


	############################################################
	### Base Settings

	# Main 'mode' to start this instance of Fluree in.
	# Can be dev, query or ledger (defaults to query).
	fdb-mode=dev

	# BigDecimals are not currently handled out-of-the-box by
	# JavaScript applications. This setting determines whether
	# or not to encode java.Math.BigDecimal values as strings
	# for query results, etc. The default is true.
	fdb-json-bigdec-string=true

	############################################################
	### Ledger Group Settings

	# Multiple ledgers you control can work together as a group for both
	# redundancy and to split database workloads.

	# Consensus type = in-memory or raft (defaults to raft)
	fdb-consensus-type=raft

	# If this server is joining an existing network, list true (defaults to false)
	#fdb-join?=false

	# When adding a new server, the number of rounds to wait for the server to sync its logs.
	# If it is not synced in this amount of time, this server will not be added to the network
	fdb-group-catch-up-rounds=10

	# Main private key for ledger group.
	# We will auto-generation one if not provided, and store it at fdb-group-private-key-file.
	# Take care not to lose it, or generate a new one and use it instead by executing
	# FlureeDB with the command :keygen
	#fdb-group-private-key=

	# Path to config directory where fluree.properties, default-private-key.txt, etc. will be
	# read / written. Defaults to ./
	#fdb-group-config-path=./

	# If fdb-group-private-key is not provided, we'll look for it in this file (in
	# fdb-group-config-path).
	# If not found in this file, we'll generate a default one and place it in this
	# file (in fdb-group-config-path).
	fdb-group-private-key-file=default-private-key.txt

	# List all servers participating in ledger-group with format of server-id@host:port
	# All tx-group servers should have this same config.
	# Uses raft for communication, so total servers (n) can support (f) failures: n = 2f + 1,
	# i.e. anything less than 3 servers can sustain no failures, 5 servers can sustain two failures.
	fdb-group-servers=myserver@localhost:9790

	# Specify which of the above listed server-ids is this server. Note this must be unique for every
	# Server in the tx-group, and is likely easiest to supply this setting via environment variable
	fdb-group-this-server=myserver

	# Tx group's internal communication timeout threshold. Will initiate a leader election between this
	# value and 2x this value if the leader hasn't been heard from.
	# Specify as number of milliseconds, or can use units as well such as 1000ms or 1s.
	# Assuming your tx-group network is local, 1000-3000 ms is a good range. Adjust as needed to avoid unintended
	# leader elections
	fdb-group-timeout=2000

	# Tx group leader will send out a heartbeat at this interval. By default, will be 1/2 of fdb-group-timeout
	# This can never be less than fdb-group-timeout, and ideally should be 1/3 to 1/2 of that value.
	# A number in milliseconds can be provided, or can be used with units such as 1000ms or 1s
	#fdb-group-heartbeat=

	# Where to store tx-group raft log files. These logs have fairly frequent disk access.
	# This is always a local filesystem path and must start with either `/` or `./`.
	# Defaults to ./data/group
	#fdb-group-log-directory=./data/group/

	# Where to store index/block segments and raft snapshots. Replicated on every machine if using "file".
	# Current options are:
	# - file - on-disk and replicated on every ledger node (the default)
	# - memory - stored in memory (useful for testing). Currently only supported for a single, centralized server. fdb-consensus-type must be set to 'in-memory'
	# - s3 - stored in an AWS S3 bucket; some things are still stored locally for fast access
	fdb-storage-type=file

	# Number of historic tx-group raft logs to keep around. Can be as low as 1. Historic logs take up disk
	# space but can be useful for debugging if something goes wrong. High transactional volume servers
	# may want to retain extra logs as there will be more frequent rotation
	fdb-group-log-history=5

	# A snapshot of the current group state will be taken after this many new commits. Larger values mean larger
	# log files, small values mean lots of snapshots which can be time consuming for large networks.
	# Ideally somewhere in the range of 100 to 1000.
	fdb-group-snapshot-threshold=200

	# For file storage-type only: The root directory to put relative storage paths in.
	# Can be a relative path starting with "." or an absolute path starting with "/".
	# Defaults to ./data
	#fdb-storage-file-root=./data

	# For s3 storage-type only: Specify the AWS S3 bucket to store ledger
	# (blockchain), db indexes, and raft snapshots. Make sure to specify the name
	# of an S3 bucket you control, and that the database process has access to your
	# credentials.
	# See: https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html
	#fdb-storage-s3-bucket=

	# Total memory cache of index segments across all databases. This setting can be changed per-ledger.
	fdb-memory-cache=200mb

	# These settings apply per-database, make sure all ledgers and query peers have at least this
	# much memory * number of databases you expect to be active on those servers. This setting must be
	# consistent across the entire ledger group.
	fdb-memory-reindex=1mb
	fdb-memory-reindex-max=2mb

	# How frequently to report out stats as a log entry in milliseconds, or can use shorthand
	# like 2m for two minutes, 45s for 45 seconds.
	fdb-stats-report-frequency=1m

	# If an encryption secret (any string) is provided, Fluree will use AES Encryption when storing files to disk.
	# Note all servers that will be reading files must have the same encryption secret, and if the secret is lost
	# all data will be unrecoverable.
	#fdb-encryption-secret=

	############################################################
	### HTTP API port

	# Port in which the query peers will respond to API calls from clients (defaults to 8090).
	#fdb-api-port=8090

	# If fdb-api-open is true, will allow full access on above port for any request and will
	# utilize default auth identity to regulate query/read permissions. If false, every request
	# must be signed, and the auth id associated with the signature will determine query/read permissions.
	fdb-api-open=false


	############################################################
	### Password authentication

	## This is used to allow private keys to be derived from string passwords.
	## This is not as secure as users maintaining their own unique private keys
	## however it adds more convenience for enterprise apps using Fluree
	## as their primary transaction store and who desire password authentication

	# Set to true to enable pw-auth, false to disable it.
	# This defaults to true, but will only work if there is a signing key for
	# transactions. (which can be a default key with root access which exists
	# when first starting Fluree, or can be explicitly set below with
	# `fdb-pw-auth-signing-key`). If the root private
	# key no longer exists or has permission, effectively this feature is disabled
	# from any new activity. If you want if off always, set to 'false' below.
	fdb-pw-auth-enable=true

	# Required for password auth.
	# This secret is used to generate a HMAC signature that is used by
	# scrypt to generate a valid private key. Every auth record uses
	# a unique salt ensuring different private keys for identical passwords.
	# A server must have permission to access to the salt (stored in the _auth record)
	# to successfully regenerate a private key - along with the normalized password and
	# the following secret. Without all 3 elements, the private key cannot be regenerated.
	fdb-pw-auth-secret=fluree

	# Maximum allowed expiration time per JWT token in milliseconds.
	# Blank means any amount of time is valid. (86400000 ms in 24 hours, 31536000000 in 1 year)
	fdb-pw-auth-jwt-max-exp=1y

	# If renewal JWT tokens are allowed (blank if not allowed), maximum time from initial issuance
	# a token can be renewed for in ms. To make this 'forever', use the maximum long value (9223372036854775807).
	# For example, if you had a JWT token that expires after 120 seconds, but want to allow an active user
	# to not be challenged for a password for up to 1 day, enter "1d" here and an unexpired token can be renewed
	# as many times as desired (swapped for an 'fresh' token) so long as the original token issued from the
	# password was less then this time period ago.
	fdb-pw-auth-jwt-max-renewal=1y



	# JWT tokens issued are secured with this secret. If empty, will
	# default to use fdb-pw-auth-secret
	fdb-pw-auth-jwt-secret=


	# A valid Fluree private key with proper permissions must be used to sign
	# any new transaction where new password auth records are created. If a
	# default root key still exists and has proper permission, that will be used by default.
	#fdb-pw-auth-signing-key=


	############################################################
	### Decentralized Ledgers

	# List each auth identity private key at each network and/or database you are participating in.
	# Format is private-key1@network/db,private-key2@network/db2 where the db is optional and multiple
	# dbs or networks are separated by commas. If only a network is specified, the private key will be used
	# as a default for all databases on that network and it is assumed this server is participating with every database.
	# i.e. fdb-ledger-private-keys=53ab638dd26d02d95214f58eb5df0b086baba584c66f6ae5b8574d722c6bc3f3@networka/dbname
	#fdb-ledger-private-keys=

	# List of seed servers to contact for each network/db. Like fdb-ledger-identities, the db is optional.
	# Every network/db + server address combination should be separated by a comma
	# i.e. fdb-ledger-servers=networka@some-domain.com:9795,networka@10.1.1.2:9795,networkb/dbname@external.dot.com:9795
	#fdb-ledger-servers=