Studio’s Configuration Overrides
Crafter Studio comes with pre-configured settings that you may want to override. To view the pre-configured settings in Crafter Studio, in your Authoring installation, go to CRAFTER_HOME/bin/apache-tomcat/webapps/studio/WEB-INF/classes/crafter/studio
and open the file studio-config.yaml
.
To override any of the pre-configured settings, in your Authoring installation, go to CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension
and add the settings you would like to configure in the file studio-config-override.yaml
. The override file have some settings already listed that you may want to override in Crafter Studio:
Content Repository Configuration
The following section of Studio’s configuration overrides allows you to do the following:
studio.repo.basePath
allows you to set your repository basestudio.repo.siteSandboxBranch
allows you to set the default branch to be used by sandboxstudio.repo.published.live
andstudio.repo.published.staging
allows you to set the branch for your publishing targets
1##################################################
2## Content Repository ##
3##################################################
4# Absolute or relative path to repository base (all actual repositories will be under this)
5studio.repo.basePath: ../data/repos
6# Sandbox Git repository branch for every site
7# studio.repo.siteSandboxBranch: master
8# Git repository branch for publishing targets are configured here
9# Git repository branch for the `live` publishing target, default "live"
10# studio.repo.published.live: live
11# Git repository branch for the `staging` publishing target, default "staging"
12# studio.repo.published.staging: staging
Project Configuration
The following section of Studio’s configuration overrides allows you to setup your project configuration
1############################################################
2## Site Configuration ##
3############################################################
4# Destroy site context url for preview engine
5studio.configuration.site.preview.destroy.context.url: ${env:ENGINE_URL}/api/1/site/context/destroy.json?crafterSite={siteName}&token=${studio.configuration.management.previewAuthorizationToken}
6# Default preview URL
7studio.configuration.site.defaultPreviewUrl: ^https?://localhost:8080/?
8# Default authoring URL
9studio.configuration.site.defaultAuthoringUrl: ^https?://localhost:8080/studio/?
10# Default GraphQL server URL
11studio.configuration.site.defaultGraphqlServerUrl: ^https?://localhost:8080/?
12# Studio management authorization token.
13studio.configuration.management.authorizationToken: ${env:STUDIO_MANAGEMENT_TOKEN}
14# Preview engine management authorization token.
15studio.configuration.management.previewAuthorizationToken: ${env:ENGINE_MANAGEMENT_TOKEN}
16# Protected URLs with preview engine management authorization token.
17# Coma separated list of preview engine urls
18studio.configuration.management.previewProtectedUrls: >-
19 /api/1/monitoring/log.json,
20 /api/1/monitoring/memory.json,
21 /api/1/monitoring/status.json,
22 /api/1/monitoring/version.json,
23 /api/1/site/context/id,
24 /api/1/site/context/destroy,
25 /api/1/site/context/rebuild,
26 /api/1/site/context/graphql/rebuild,
27 /api/1/site/cache/clear,
28 /api/1/site/cache/statistics
Preview Deployer Configuration
The following section of Studio’s configuration overrides allows you to setup your deployer urls
1############################################################
2## Preview Deployer ##
3############################################################
4
5# Default preview deployer URL (can be overridden per site)
6studio.preview.defaultPreviewDeployerUrl: ${env:DEPLOYER_URL}/api/1/target/deploy/{siteEnv}/{siteName}
7# Default preview create target URL (can be overridden per site)
8studio.preview.createTargetUrl: ${env:DEPLOYER_URL}/api/1/target/create_if_not_exists
9# Default preview create target URL (can be overridden per site)
10studio.preview.deleteTargetUrl: ${env:DEPLOYER_URL}/api/1/target/delete-if-exists/{siteEnv}/{siteName}
11# URL to the preview repository (aka Sandbox) where authors save work-in-progress
12studio.preview.repoUrl: ${env:CRAFTER_DATA_DIR}/repos/sites/{siteName}/sandbox
Preview Search Configuration
The following section of Studio’s configuration overrides allows you to setup urls for search in preview
1############################################################
2## Preview Search ##
3############################################################
4
5studio.preview.search.createUrl: ${env:SEARCH_URL}/api/2/admin/index/create
6studio.preview.search.deleteUrl: ${env:SEARCH_URL}/api/2/admin/index/delete/{siteName}
Database Configuration
The following section of Studio’s configuration overrides allows you to setup the database url, port number, connection string to initialize the database and path
1##################################################
2## Database ##
3##################################################
4
5# Crafter Studio uses an embedded MariaDB by default
6# Crafter DB schema name
7studio.db.schema: ${env:MARIADB_SCHEMA}
8# Crafter DB connection string
9studio.db.url: jdbc:mariadb://${env:MARIADB_HOST}:${env:MARIADB_PORT}/crafter?user=${env:MARIADB_USER}&password=${env:MARIADB_PASSWD}
10# Connection string used to initialize database. This creates the `crafter` schema, the `crafter` user and/or upgrades the database
11studio.db.initializer.url: jdbc:mariadb://${env:MARIADB_HOST}:${env:MARIADB_PORT}?user=${env:MARIADB_ROOT_USER}&password=${env:MARIADB_ROOT_PASSWD}
12# Connection string if using a database with an already created schema and user (like AWS RDS)
13# studio.db.initializer.url: ${studio.db.url}
14# Port number for the embedded database (note this must match what's in the connection URLs in this config file)
15studio.db.port: ${env:MARIADB_PORT}
16# Data folder for the embedded database
17studio.db.dataPath: ${env:MARIADB_DATA_DIR}
18# Socket path for the embedded database
19studio.db.socket: /tmp/MariaDB4j.${env:MARIADB_PORT}.sock
Security Configuration
The following section of Studio’s configuration overrides allows you to randomize the admin password on a fresh install (for more information, see: Randomize “admin” Password for CrafterCMS Fresh Install), configure encryption and configure authentication method to be used (for more information, see: Configuring Studio Security), configure password requirements validation (for more information see: Configure Studio Password Requirements).
1##################################################
2## Security ##
3##################################################
4# Enable random admin password generation
5# studio.db.initializer.randomAdminPassword.enabled: false
6# Random admin password length
7# studio.db.initializer.randomAdminPassword.length: 16
8# Random admin password allowed chars
9# studio.db.initializer.randomAdminPassword.chars: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*_=+-/
10# Time in minutes after which active users will be required to login again
11# studio.security.sessionTimeout: 480
12# Time in minutes after which inactive users will be required to login again
13# studio.security.inactivityTimeout: 30
14#
15# Salt for encrypting
16studio.security.cipher.salt: ${env:CRAFTER_SYSTEM_ENCRYPTION_SALT}
17# Key for encrypting
18studio.security.cipher.key: ${env:CRAFTER_SYSTEM_ENCRYPTION_KEY}
19
20# Password requirements minimum complexity
21# This is based on https://github.com/dropbox/zxcvbn
22# The minimum complexity corresponds to the password score
23# You can try this out here https://lowe.github.io/tryzxcvbn/
24# score # Integer from 0-4 (useful for implementing a strength bar)
25# 0 # too guessable: risky password. (guesses < 10^3)
26# 1 # very guessable: protection from throttled online attacks. (guesses < 10^6)
27# 2 # somewhat guessable: protection from unthrottled online attacks. (guesses < 10^8)
28# 3 # safely unguessable: moderate protection from offline slow-hash scenario. (guesses < 10^10)
29# 4 # very unguessable: strong protection from offline slow-hash scenario. (guesses >= 10^10)
30# The default value is 3
31# studio.security.passwordRequirements.minimumComplexity: 3
32
33# The key used for encryption of configuration properties
34studio.security.encryption.key: ${env:CRAFTER_ENCRYPTION_KEY}
35# The salt used for encryption of configuration properties
36studio.security.encryption.salt: ${env:CRAFTER_ENCRYPTION_SALT}
37
38# The path of the folder used for the SSH configuration
39studio.security.ssh.config: ${env:CRAFTER_SSH_CONFIG}
40
41# Defines name used for environment specific configuration. It is used for environment overrides in studio. Default value is default.
42studio.configuration.environment.active: ${env:CRAFTER_ENVIRONMENT}
Mail Configuration
The following section of Studio’s configuration overrides allows you to setup the SMTP server to be used by CrafterCMS when sending emails
1##################################################
2## SMTP Configuration (Email) ##
3##################################################
4
5# Default value for from header when sending emails.
6# studio.mail.from.default: admin@example.com
7# SMTP server name to send emails.
8studio.mail.host: ${env:MAIL_HOST}
9# SMTP port number to send emails.
10studio.mail.port: ${env:MAIL_PORT}
11# SMTP username for authenticated access when sending emails.
12# studio.mail.username:
13# SMTP password for authenticated access when sending emails.
14# studio.mail.password:
15# Turn on/off (value true/false) SMTP authenaticated access protocol.
16# studio.mail.smtp.auth: false
17# Enable/disable (value true/false) SMTP TLS protocol when sending emails.
18# studio.mail.smtp.starttls.enable: false
19# Enable/disable (value true/false) SMTP EHLO protocol when sending emails.
20# studio.mail.smtp.ehlo: true
21# Enable/disable (value true/false) debug mode for email service. Enabling debug mode allows tracking/debugging communication between email service and SMTP server.
22# studio.mail.debug: false
CORS
The following section of Studio’s configuration overrides allows you to setup CORS
1################################################################
2## CORS ##
3################################################################
4# This is configured as permissive by default for ease of deployment
5# Remember to tighten this up for production
6
7# Disable CORS headers completely
8# studio.cors.disable: false
9# Value for the Access-Control-Allow-Origin header
10# studio.cors.origins: '*'
11# Value for the Access-Control-Allow-Headers header
12# studio.cors.headers: '*'
13# Value for the Access-Control-Allow-Methods header
14# studio.cors.methods: '*'
15# Value for the Access-Control-Allow-Credentials header
16# studio.cors.credentials: true
17# Value for the Access-Control-Max-Age header
18# studio.cors.maxage: -1
The CORS origins accepts regex patterns. Values are split using ,
. Remember that commas inside
patterns need to be escaped with a \
like:
studio.cors.origins: 'http://localhost:[8000\,3000],http://*.other.domain'
Search
The following section of Studio’s configuration overrides allows you to setup the url for search
1################################################################
2## Search ##
3################################################################
4# URLs to connect to Elasticsearch
5studio.search.urls: ${env:ES_URL}
6# The username for Elasticsearch
7studio.search.username: ${env:ES_USERNAME}
8# The password for Elasticsearch
9studio.search.password: ${env:ES_PASSWORD}
10# The connection timeout in milliseconds, if set to -1 the default will be used
11studio.search.timeout.connect: -1
12# The socket timeout in milliseconds, if set to -1 the default will be used
13studio.search.timeout.socket: -1
14# The number of threads to use, if set to -1 the default will be used
15studio.search.threads: -1
16# Indicates if keep alive should be enabled for sockets used by the search client, defaults to false
17studio.search.keepAlive: false
Serverless Delivery
The following section of Studio’s configuration overrides allows you to setup serverless delivery
1##########################################################
2## Serverless Delivery ##
3##########################################################
4# Indicates if serverless delivery is enabled
5# studio.serverless.delivery.enabled: false
6# The URL for the serverless delivery deployer create URL
7# studio.serverless.delivery.deployer.target.createUrl: ${studio.preview.createTargetUrl}
8# The URL for the serverless delivery deployer delete URL
9# studio.serverless.delivery.deployer.target.deleteUrl: ${studio.preview.deleteTargetUrl}
10# The template name for serverless deployer targets
11# studio.serverless.delivery.deployer.target.template: aws-cloudformed-s3
12# Replace existing target configuration if one exists?
13# studio.serverless.delivery.deployer.target.replace: false
14# The URL the deployer will use to clone/pull the site's published repo. When the deployer is in a separate node
15# (because of clustering), this URL should be an SSH/HTTP URL to the load balancer in front of the Studios
16# studio.serverless.delivery.deployer.target.remoteRepoUrl: ${env:CRAFTER_DATA_DIR}/repos/sites/{siteName}/published
17# The deployer's local path where it will store the clone of the published site. This property is not needed if
18# the deployer is not the preview deployer, so you can leave an empty string ('') instead
19# studio.serverless.delivery.deployer.target.localRepoPath: ${env:CRAFTER_DATA_DIR}/repos/aws/{siteName}
20# Parameters for the target template. Please check the deployer template documentation for the possible parameters.
21# The following parameters will be sent automatically, and you don't need to specify them: env, site_name, replace,
22# disable_deploy_cron, local_repo_path, repo_url, use_crafter_search
23# studio.serverless.delivery.deployer.target.template.params:
24# # The delivery Elasticsearch endpoint (optional is authoring is using the same one, specified in the ES_URL env variable)
25# elastic_search_url:
26# aws:
27# # AWS region (optional if specified through default AWS chain)
28# region: us-east-1
29# # AWS access key (optional if specified through default AWS chain)
30# default_access_key:
31# # AWS secret key (optional if specified through default AWS chain)
32# default_secret_key:
33# cloudformation:
34# # AWS access key (optional if aws.accessKey is specified)
35# access_key:
36# # AWS secret key (optional if aws.secretKey is specified)
37# secret_key:
38# # Namespace to use for CloudFormation resources (required when target template is aws-cloudformed-s3)
39# namespace: myorganization
40# # The domain name of the serverless delivery LB (required when target template is aws-cloudformed-s3)
41# deliveryLBDomainName:
42# # The SSL certificate ARN the CloudFront CDN should use (optional when target template is aws-cloudformed-s3)
43# cloudfrontCertificateArn:
44# # The alternate domains names (besides *.cloudfront.net) for the CloudFront CDN (optional when target template is aws-cloudformed-s3)
45# alternateCloudFrontDomainNames:
Forwarded Headers
The following section of Studio’s configuration overrides allows you to configure forwarded headers to resolve the actual hostname and protocol when it is behind a load balancer or reverse proxy.
1 ##################################################
2 ## Forwarded Headers ##
3 ##################################################
4 # Indicates if Forwarded or X-Forwarded headers should be used when resolving the client-originated protocol and
5 # address. Enable when Studio is behind a reverse proxy or load balancer that sends these
6 studio.forwarded.headers.enabled: false
Access Tokens
Since 4.0.0The following section of Studio’s configuration overrides allows you to configure settings for the Studio access tokens. For more information on how access tokens are used, see Working with Crafter Studio’s APIs
1##################################################
2## Access Tokens ##
3##################################################
4
5# Issuer for the generated access tokens
6studio.security.token.issuer: ${env:STUDIO_TOKEN_ISSUER}
7# List of accepted issuers for validation of access tokens (separated by commas)
8studio.security.token.validIssuers: ${env:STUDIO_TOKEN_VALID_ISSUERS}
9# The audience for generation and validation of access tokens (if empty the instance id will be used)
10studio.security.token.audience: ${env:STUDIO_TOKEN_AUDIENCE}
11# Time in minutes for the expiration of the access tokens
12studio.security.token.timeout: ${env:STUDIO_TOKEN_TIMEOUT}
13# Password for signing the access tokens (needs to be equal or greater than 512 bits in length)
14studio.security.token.password.sign: ${env:STUDIO_TOKEN_SIGN_PASSWORD}
15# Password for encrypting the access tokens
16studio.security.token.password.encrypt: ${env:STUDIO_TOKEN_ENCRYPT_PASSWORD}
17# Name of the cookie to store the refresh token
18studio.security.token.cookie.name: ${env:STUDIO_REFRESH_TOKEN_NAME}
19# Time in seconds for the expiration of the refresh token cookie
20studio.security.token.cookie.maxAge: ${env:STUDIO_REFRESH_TOKEN_MAX_AGE}
21# Indicates if the refresh token cookie should be secure (should be true for production environments behind HTTPS)
22studio.security.token.cookie.secure: ${env:STUDIO_REFRESH_TOKEN_SECURE}
Validations Regex
Since 4.0.3CrafterCMS validates API requests related with users, groups, etc. through regex restrictions to avoid malicious payloads.
The following section of Studio’s configuration overrides allows you to configure the regex used by the validation framework to suit your needs.
##########################################################
## Input Validations ##
##########################################################
# These properties override default validation regex patterns
# from crafter common validations.
# Key should have the form `studio.validation.regex.KEY_NAME`
# Value should be a valid java regex.
#
# studio.validation.regex.HTTPParameterName: "^[a-zA-Z0-9_\\-]{1,32}$"
# studio.validation.regex.SITEID: "^[a-z0-9\\-_]*$"
# studio.validation.regex.EMAIL: "^([\\w\\d._\\-#])+@([\\w\\d._\\-#]+[.][\\w\\d._\\-#]+)+$"
# studio.validation.regex.USERNAME: "^[a-zA-Z][\\w.\\-@+]+$"
# studio.validation.regex.GROUP_NAME: "^[a-zA-Z][\\w.\\-]*$"
# studio.validation.regex.ALPHANUMERIC: "^[a-zA-Z0-9]*$"
# studio.validation.regex.SEARCH_KEYWORDS: "^[\\w\\s\\-\\\"\\.\\*]*$"
# studio.validation.regex.CONTENT_PATH_WRITE: "^/?([a-z0-9\\-_]+/?)*(((crafter\\-level\\-descriptor\\.level)|([a-z0-9_\\-]))+\\.[\\w]+)?$"
# studio.validation.regex.ASSET_PATH_WRITE: "^/?([a-z0-9-_.]+/?)*([a-z0-9_\\-./]+\\.[\\w]+)?$"
# studio.validation.regex.CONTENT_PATH_READ: "^/?([\\w\\p{IsLatin}@$%^&{}\\[\\]()+\\-=,.:~'`]+(\\s*[\\w\\p{IsLatin}/@$%^&{}\\[\\]()+\\-=,.:~'`])*(/?))*$"
# studio.validation.regex.CONTENT_FILE_NAME_WRITE: "^((crafter\\-level\\-descriptor\\.level)|([a-z0-9_\\-])+)\\.xml$"
# studio.validation.regex.CONFIGURATION_PATH: "^([a-z0-9\\-_/]+([.]*[a-z0-9\\-_])+)*(\\.[\\w]+)?/?$"