Meta tags:
description= The /etc/opscode/chef-server.rb file contains all of the non-default
configuration settings used by the Chef Infra Server. The default
settings are built into the Chef Infra Server configuration and should
only be added to the chef-server.rb file to apply non-default values.
These configuration settings are processed when the
chef-server-ctl reconfigure command is run. The chef-server.rb file
is a Ruby file, which means that conditional statements can be used
within it.
Settings
The following sections describe the various settings that are available
in the chef-server.rb file.;
Headings (most frequently used words):
opscode, chef, settings, oc, opensearch, server, rb, optional, general, bookshelf, bootstrap, compliance, forwarding, dark_launch, data_collector, estatsd, jetty, lb, lb_internal, ldap, nginx, oc_bifrost, oc_chef_authz, pedant, id, mover, erchef, expander, solr4, external, elasticsearch, postgresql, rabbitmq, redis_lb, upgrades, user, required_recipe,
Text of the page (most frequently used words):
the (877), value (570), default (497), chef (367), #server (216), infra (173), for (159), this (109), opscode (99), log (97), and (93), which (92), #postgresql (88), service (88), that (84), data (82), nginx (80), are (74), setting (73), rabbitmq (72), true (66), set (64), settings (62), directory (60), enable (59), opscode_erchef (57), used (54), number (54), ldap (53), configuration (53), with (52), opensearch (51), file (51), recommended (51), when (50), user (48), eol (48), var (47), management (46), overview (46), bookshelf (43), version (43), false (42), use (41), maximum (41), files (40), elasticsearch (39), will (37), install (37), nodes (35), 127 (35), amount (35), external (34), opt (33), automate (33), oc_bifrost (32), node (32), following (32), rotation (32), redis_lb (31), port (31), connection (31), has (30), memory (30), num_to_keep (30), builder (30), stored (29), api (29), client (29), file_maxbytes (29), configure (29), ctl (28), database (28), aws (28), oc_id (28), deployment (28), not (26), address (26), http (25), only (23), search (23), nil (23), name (23), seconds (23), about (23), policy (22), supermarket (22), must (22), time (22), note (22), opscode_solr4 (22), users (22), values (21), password (21), system (21), new (21), data_collector (20), from (20), habitat (20), compliance (19), run (19), manage (19), before (19), upgrade (19), listen (18), using (18), opscode_chef_mover (18), collector (18), request (17), log_directory (17), than (17), ssl (17), azure (17), example (17), config (17), packages (17), all (16), you (16), can (16), cookbook (16), may (16), username (16), working (16), dir (16), they (16), log_rotation (16), prem (16), secrets (15), virtual (15), possible (15), exceed (15), specified (15), solr (15), allowed (15), cookbooks (14), queue (14), 104857600 (14), rotated (14), requests (14), pool (14), apache (14), available (14), stub_status (14), backend (14), license (14), reference (14), between (13), community (13), should (13), command (13), keys (13), secret (13), generated (13), vip (13), defined (13), actions (13), also (13), index (13), workstation (13), any (12), estatsd (12), applications (12), create (12), size (12), versions (12), plugin (12), com (12), url (12), console (12), sql_user (12), add (12), 360 (12), managed (12), see (11), solr4 (11), erchef (11), oc_chef_authz (11), dark_launch (11), amazon (11), application (11), platform (11), frequency (11), defaults (11), information (11), milliseconds (11), made (11), organization (11), organizations (11), upgrades (10), expander (10), storage (10), authentication (10), location (10), specify (10), services (10), remove (10), more (10), tlsv1 (10), host (10), connections (10), configured (10), package (10), updates (10), update (10), resources (10), backup (10), restore (10), effortless (10), recovery (10), saas (10), started (10), bootstrap (9), your (9), every (9), token (9), whether (9), override (9), timeout (9), key (9), disk (9), bind (9), active (9), endpoint (9), required (9), heap_size (9), java_opts (9), out (9), running (9), access (9), origin (9), security (9), other (8), page (8), lb_internal (8), where (8), feature (8), enabled (8), such (8), legacy (8), 10000 (8), logging (8), data_dir (8), worker (8), length (8), monitor (8), get (8), new_size (8), machine (8), private (8), logs (8), style (8), load (8), email (8), fqdn (8), https (8), company (8), supported (8), certificate (8), cloud (8), prerequisites (8), disaster (8), requirements (8), desktop (8), guide (8), certificates (8), iam (8), does (7), required_recipe (7), mover (7), jetty (7), forwarding (7), general (7), non (7), store (7), objects (7), wait (7), high (7), options (7), 100 (7), messages (7), disable (7), greater (7), cache (7), equal (7), depends (7), opscode_expander (7), response (7), bind_password (7), xdl_defaults (7), cluster (7), terms (6), pedant (6), optional (6), feedback (6), each (6), based (6), tokens (6), results (6), via (6), group (6), path (6), clients (6), list (6), under (6), least (6), availability (6), append (6), always (6), instead (6), base (6), exceeds (6), work (6), sent (6), encryption (6), have (6), format (6), would (6), hostname (6), then (6), queries (6), documents (6), etc (6), send (6), sec (6), fqdns (6), protocol (6), local (6), ports (6), deprecated (6), login (6), commands (6), audit (6), migrate (6), inspec (6), cookstyle (6), troubleshooting (6), integrations (6), dashboard (6), enterprise (6), names (5), their (5), licensing (5), support (5), connect (5), minutes (5), 1000 (5), starting (5), return (5), warning (5), 30000 (5), count (5), duration (5), start (5), unique (5), front (5), db_superuser (5), text (5), require (5), total (5), 1024 (5), normally (5), assumes (5), my_postgresql (5), postgres (5), checkpoint (5), favor (5), script (5), single (5), located (5), performance (5), read (5), times (5), content (5), header (5), roles (5), oc_chef_pedant (5), authorization (5), compression (5), fips (5), manager (5), attribute (5), distinguished (5), bind_dn (5), resource (5), profiles (5), download (5), setup (5), progress (4), trademarks (4), owners (4), field (4), document (4), into (4), added (4), these (4), ruby (4), within (4), view (4), enables (4), oauth (4), credentials (4), properly (4), like (4), bags (4), object (4), administrator (4), bin (4), home (4), redis (4), expired (4), random (4), those (4), error (4), keepalive (4), topology (4), minimum (4), connect_timeout (4), 5000 (4), fail (4), capacity (4), localhost (4), being (4), permission (4), mode (4), integer (4), zero (4), directly (4), ignored (4), calculated (4), here (4), heap (4), less (4), many (4), often (4), jvm_opts (4), item (4), temporary (4), scripts (4), plugins (4), committed (4), incoming (4), rate (4), processes (4), increase (4), usage (4), during (4), runs (4), ensure (4), reconfigure (4), sql_connection_user (4), timing (4), point (4), ec2 (4), configuring (4), without (4), reindex_sleep_min_ms (4), reindex_sleep_max_ms (4), verify (4), open (4), maintained (4), db_pool_size (4), host_header (4), sql_password (4), lowercase (4), module (4), enable_non_ssl (4), type (4), gzip (4), ssl_enabled (4), corporate (4), anonymous (4), upstream (4), formatting (4), balancer (4), root_url (4), signed (4), standalone (4), downloads (4), uninstall (4), groups (4), saml (4), packs (4), apis (4), quick (4), deprecations (4), cops (4), firewalls (4), core (4), origins (4), profile (4), minio (4), enrollment (4), infrastructure (4), getting (4), migration (4), courier (4), jobs (4), app (4), integration (4), a2ha (4), premises (4), platforms (4), edition (4), product (3), software (3), one (3), 2025 (3), table (3), contents (3), how (3), github (3), including (3), uses (3), provider (3), privileged (3), root (3), level (3), changes (3), systems (3), self (3), docs (3), shell (3), pattern (3), volatile (3), frequently (3), write (3), fsync (3), current (3), larger (3), same (3), vhost (3), tls (3), reindexer (3), array (3), ibrowse (3), _status (3), identity (3), provide (3), megabytes (3), currently (3), account (3), shared (3), query (3), statement (3), private_chef (3), superuser (3), segments (3), faster (3), determine (3), attempts (3), whichever (3), mbs (3), there (3), enough (3), characteristics (3), increases (3), fewer (3), several (3), hundred (3), 3gb (3), 9200 (3), external_url (3), able (3), tuned (3), too (3), occur (3), hash (3), variables (3), retry (3), failure (3), 2000 (3), failed (3), attempt (3), both (3), large (3), part (3), enable_request_logging (3), updated (3), keep (3), place (3), environments (3), min (3), domain (3), output (3), bifrost (3), listens (3), previous (3), secure (3), macos (3), windows (3), end (3), rc4 (3), communication (3), forwarded (3), json (3), xml (3), balancers (3), group_dn (3), members (3), memberof (3), employees (3), statsd (3), report (3), accept (3), orgname (3), collection (3), sql (3), storage_type (3), filesystem (3), frontend (3), notifications (3), addons (3), herein (2), corporation (2), its (2), subsidiaries (2), affiliates (2), appropriate (2), rights (2), contained (2), reserved (2), respective (2), modified (2), cookie (2), improve (2), yes (2), contains (2), apply (2), statements (2), simple (2), compatible (2), ensures (2), process (2), message (2), indexed (2), recipe (2), who (2), target (2), embedded (2), 300 (2), idle (2), change (2), 900 (2), noeviction (2), randomly (2), lru (2), don (2), expire (2), allkeys (2), applied (2), reached (2), notice (2), debug (2), databases (2), dump (2), per (2), after (2), operating (2), rewritten (2), keydb (2), because (2), conjunction (2), route (2), comma (2), separated (2), pairs (2), age (2), initial (2), cull (2), interval (2), observed (2), analytics (2), stop (2), monitored (2), full (2), identifier (2), management_password (2), consumer (2), published (2), consumer_id (2), automatically (2), publishes (2), publish (2), actions_user (2), pgsql (2), 128 (2), passwords (2), md5_auth_cidr_addresses (2), trust_auth_cidr_addresses (2), to_i (2), dedicated (2), caching (2), md5 (2), max_connections (2), respond (2), probes (2), ram (2), checkpoints (2), completion (2), percentage (2), finish (2), next (2), done (2), sizes (2), learn (2), 16th (2), bounded (2), equivalent (2), optionn (2), xoption2 (2), xoption1 (2), placed (2), entries (2), jvm (2), initial_cluster_join_timeout (2), enable_gc_log (2), tmp (2), startup (2), creates (2), immediately (2), below (2), temp_directory (2), scripts_directory (2), plugins_directory (2), paths (2), indexing (2), specifies (2), 8983 (2), flushed (2), environment (2), newsize (2), increased (2), carefully (2), blocked (2), short (2), asked (2), actually (2), but (2), 60000 (2), matching (2), track_total_hits (2), affects (2), actor (2), result (2), returned (2), strict_search_result_acls (2), acl (2), searches (2), skip (2), opscode_chef (2), urls (2), s3_url_ttl (2), off (2), sending (2), sleep (2), retrying (2), retries (2), delayed (2), miliseconds (2), delay (2), body (2), max_cache_size (2), 256 (2), ibrowse_max_sessions (2), ibrowse_max_pipeline_size (2), dependency (2), problems (2), errors (2), given (2), stale (2), entry (2), cbv_cache_enabled (2), enabling (2), receive (2), old (2), 3600 (2), cache_ttl (2), bulk_fetch_batch_size (2), links (2), derived (2), handle (2), sql_database (2), api_fqdn (2), outbound (2), onetrust (2), enable_onetrust (2), from_email (2), similar (2), named (2), ibrowse_options (2), http_max_count (2), http_max_connection_duration (2), http_max_age (2), http_init_count (2), http_cull_interval (2), sql_ro_user (2), sql_ro_password (2), worker_connections (2), worker_processes (2), determines (2), addresses (2), strict_host_header (2), time_iso8601 (2), listen_port (2), listen_host (2), allow_list (2), ssl_protocols (2), releases (2), later (2), older (2), 443 (2), ssl_port (2), ssl_ciphers (2), sendfile (2), redirects (2), webui (2), non_ssl_port (2), 31536000 (2), javascript (2), most (2), earlier (2), reindex (2), export (2), csc_lb_url (2), allow (2), first (2), 636 (2), tls_enabled (2), abcxyz (2), enter (2), terminal (2), leave (2), domainuser (2), escape (2), typically (2), base_dn (2), 600 (2), health (2), proxy (2), proxies (2), fully (2), qualified (2), authenticated (2), arriving (2), org (2), reporting (2), owner (2), secret_access_key (2), access_key_id (2), licensed (2), insecure_addon_compat (2), remediation (2), release (2), notes (2), share (2), what (2), scaffolding (2), attributehelper (2), attributedefault (2), useplatformhelpers (2), unnecessaryplatformcasestatement (2), unnecessaryoscheck (2), trueclassfalseclassresourceproperties (2), simplifyplatformmajorversioncheck (2), overlycomplexsupportsdependsmetadata (2), negatingonlyif (2), includerecipewithparentheses (2), immediatenotificationtiming (2), filemode (2), defaultcopyrightcomments (2), copyrightcommentformat (2), commentsentencespacing (2), commentformat (2), chefwhaaat (2), attributekeys (2), invalidlicensestring (2), insecurecookbookurl (2), includeresourceexamples (2), includeresourcedescriptions (2), includepropertydescriptions (2), emptymetadatafield (2), defaultmetadatamaintainer (2), sharing (2), sshprivatekey (2), unlessdefinedrequire (2), requirenethttps (2), legacypowershelloutmethods (2), gemspecrequirerubygems (2), gemspeclicense (2), usecreateifmissing (2), unnecessarynameproperty (2), unnecessarydesiredstate (2), suggestsmetadata (2), stringpropertywithnildefault (2), sensitivepropertyinresource (2), resourcewithnothingaction (2), replacesmetadata (2), recipemetadata (2), providesmetadata (2), propertywithrequiredanddefault (2), propertysplatregex (2), ohaiattributetostring (2), namepropertyisrequired (2), multipleplatformchecks (2), longdescriptionmetadata (2), groupingmetadata (2), doublecompiletime (2), customresourcewithallowedactions (2), conflictsmetadata (2), attributemetadata (2), aptrepositorynotifiesaptupdate (2), aptrepositorydistributiondefault (2), redundantcode (2), zipfileresource (2), windowszipfileusage (2), windowsscresource (2), windowsregistryuac (2), whyrunsupportedtrue (2), useszypperrepo (2), userequirerelative (2), usemultipackageinstalls (2), usecheflanguagesystemdhelper (2), usecheflanguageenvhelpers (2), usecheflanguagecloudhelpers (2), usebuildessentialresource (2), unnecessarymixlibshelloutrequire (2), unnecessarydependschef15 (2), unnecessarydependschef14 (2), sysctlparamresource (2), simplifyaptppasetup (2), shellouttochocolatey (2), shellouthelper (2), sevenziparchiveresource (2), setorreturninresources (2), respondtoresourcename (2), respondtoprovides (2), respondtoinmetadata (2), respondtocompiletime (2), resourcenamefrominitialize (2), resourceforcingcompiletime (2), providesfrominitialize (2), propertywithnameattribute (2), powershellscriptexpandarchive (2), powershellinstallwindowsfeature (2), powershellinstallpackage (2), powershellguardinterpreter (2), osxconfigprofileresource (2), opensslx509resource (2), opensslrsakeyresource (2), noderolesinclude (2), nodeinitpackage (2), minitesthandlerusage (2), macosxuserdefaults (2), libarchivefileresource (2), legacyberksfilesource (2), includingwindowsdefaultrecipe (2), includingohaidefaultrecipe (2), includingmixinshelloutinresources (2), includingaptdefaultrecipe (2), ifprovidesdefaultaction (2), foodcriticcomments (2), executetzutil (2), executesysctl (2), executesleep (2), executescexe (2), executeaptupdate (2), emptyresourceinitializemethod (2), dslincludeinresource (2), dependsonzyppercookbook (2), dependsonwindowsfirewallcookbook (2), dependsontimezonelwrpcookbook (2), dependsonopensslcookbook (2), dependsonlocalecookbook (2), dependsonkernelmodulecookbook (2), dependsonchocolateycookbooks (2), dependsonchefvaultcookbook (2), definitions (2), defineschefspecmatchers (2), defaultactionfrominitialize (2), declareactionclass (2), databaghelpers (2), customresourcewithattributes (2), cronmanageresource (2), crondfileortemplate (2), conditionalusingtest (2), classevalactionclass (2), chefgemnokogiri (2), allowedactionsfrominitialize (2), actionmethodinresource (2), modernize (2), searchforenvironmentsorroles (2), dependschefvault (2), cookbookusessearch (2), cookbookusesroles (2), cookbookusespolicygroups (2), cookbookusesenvironments (2), cookbookusesdatabags (2), chefvaultused (2), berksfile (2), windowsversionhelpers (2), windowstaskchangeaction (2), windowspackageinstallertypestring (2), windowsfeatureservermanagercmd (2), verifypropertyusesfileexpansion (2), useyamldump (2), usesruncommandhelper (2), usesdeprecatedmixins (2), useschefresthelpers (2), userdeprecatedsupportsproperty (2), useinlineresourcesdefined (2), useautomaticresourcename (2), searchusespositionalparameters (2), rubyblockcreateaction (2), ruby27keywordargumentwarnings (2), resourcewithoutunifiedtrue (2), resourceusesupdatedmethod (2), resourceusesproviderbasemethod (2), resourceusesonlyresourcename (2), resourceusesdslnamemethod (2), resourceoverridesprovidesmethod (2), resourceinheritsfromcompatresource (2), requirerecipe (2), powershellcookbookhelpers (2), policyfilecommunitysource (2), poisearchiveusage (2), partialsearchhelperusage (2), partialsearchclassusage (2), nodesetwithoutlevel (2), nodesetunless (2), nodeset (2), nodemethodsinsteadofattributes (2), nodedeepfetch (2), namepropertywithdefaultvalue (2), macosuserdefaultsglobalproperty (2), logresourcenotifications (2), localedeprecatedlcallproperty (2), librarianchefspec (2), legacyyumcookbookrecipes (2), legacynotifysyntax (2), launchddeprecatedhashproperty (2), includingyumdnfcompatrecipe (2), includingxmlrubyrecipe (2), hwrpwithoutunifiedtrue (2), hwrpwithoutprovides (2), foodcritictesting (2), foodcriticfile (2), executerelativecreateswithoutcwd (2), executepathproperty (2), erlcallresource (2), epicfail (2), eolauditmodeusage (2), easyinstallresource (2), deprecatedyumrepositoryproperties (2), deprecatedyumrepositoryactions (2), deprecatedwindowsversioncheck (2), deprecatedsudoactions (2), deprecatedshelloutmethods (2), deprecatedplatformmethods (2), deprecatedchefspecplatform (2), dependsonomnibusupdatercookbook (2), dependsonchefreportingcookbook (2), dependsonchefnginxcookbook (2), delivery (2), cookbooksdependsonself (2), cookbookdependsonpoise (2), cookbookdependsonpartialsearch (2), cookbookdependsoncompatresource (2), chocolateypackageuninstallaction (2), chefwindowsplatformhelper (2), chefsugarhelpers (2), chefspeclegacyrunner (2), chefspeccoveragereport (2), chefshellout (2), chefrewind (2), chefhandlerusessupports (2), chefhandlerrecipe (2), cheffile (2), chefdkgenerators (2), tmppath (2), supportsmustbefloat (2), serviceresource (2), scopedfileexist (2), resourcewithnoneaction (2), resourcesetsnameproperty (2), resourcesetsinternalproperties (2), propertywithouttype (2), powershellscriptdeletefile (2), powershellfileexists (2), opensslpasswordhelpers (2), octalmodeasstring (2), notifiesactionnotsymbol (2), nodenormalunless (2), nodenormal (2), metadatamissingversion (2), metadatamissingname (2), metadatamalformeddepends (2), malformedplatformvalueforplatformhelper (2), macosuserdefaultsinvalidtype (2), lazyinresourceguard (2), lazyevalnodeattributedefaults (2), invalidversionmetadata (2), invalidplatformvalueforplatformhelper (2), invalidplatformvalueforplatformfamilyhelper (2), invalidplatformmetadata (2), invalidplatformincase (2), invalidplatformhelper (2), invalidplatformfamilyincase (2), invalidplatformfamilyhelper (2), invalidnotificationtiming (2), invalidnotificationresource (2), invaliddefaultaction (2), invalidcookbookname (2), incorrectlibraryinjection (2), emptyresourceguard (2), dnfpackageallowdowngrades (2), cookbookusesnodesave (2), conditionalrubyshellout (2), chefapplicationfatal (2), blockguardwithonlystring (2), correctness (2), v25 (2), v26 (2), tuning (2), tiered (2), installation (2), airgap (2), planning (2), plan (2), refresh (2), strategy (2), membership (2), rbac (2), rotate (2), certs (2), separate (2), scale (2), artifactory (2), artifact (2), warm (2), spare (2), env (2), windows_update_settings (2), windows_power_management (2), windows_password_policy (2), windows_ie_esc (2), windows_firewall (2), windows_disk_encryption (2), windows_desktop_winrm_settings (2), windows_desktop_screensaver (2), windows_defender_exclusion (2), windows_defender (2), windows_choco_installer (2), windows_automatic_logout (2), windows_app_management (2), windows_admin_control (2), rescue_account (2), macos_power_management (2), macos_password_policy (2), macos_firewall (2), macos_disk_encryption (2), macos_desktop_screensaver (2), macos_automatic_software_updates (2), macos_automatic_logout (2), macos_app_management (2), macos_admin_control (2), touch (2), redirect (2), sso (2), opsworks (2), skills (2), administration (2), guides (2), enroll (2), clis (2), san (2), best (2), practices (2), flags (2), cli (2), architecture (2), incident (2), servicenow (2), marketplace (2), scan (2), reports (2), eas (2), event (2), feed (2), teams (2), policies (2), projects (2), lifecycle (2), feeds (2), cleanup (2), monitoring (2), centralize (2), ingestion (2), invalid (2), telemetry (2), session (2), disclosure (2), panel (2), banner (2), topics (2), bastion (2), sudo (2), rds (2), vpc (2), cidr (2), faqs (2), benchmarks (2), custom (2), bootstrapping (2), generation (2), existing (2), efs (2), back (2), customer (2), airgapped (2), tutorial (2), shortcodes (2), matter (2), reuse (2), hugo (2), procedures (2), tables (2), headings (2), notices (2), markdown (2), lists (2), linking (2), tools (2), house (2), contribute (2), guidelines (2), contributions (2), commercial (2), training (2), blog (2), main (2), certain, registered, countries, markings, inclusion, imply, endorsement, affiliation, sponsorship, copyright, 2026, last, january, privacy, trademark, site, map, thank, submit, fill, ask, contact, still, stuck, edit, help, was, helpful, built, processed, means, conditional, recipes, templates, associated, authorized, issued, special, pulled, indexes, searching, timely, serve, owned, world, writeable, allows, regardless, targeted, expert, practitioners, delivering, isolated, agent, further, explanation, found, development, saves, save, save_frequency, 16379, nearest, ttl, operation, maxmemory_policy, bytes, maxmemory, verbose, loglevel, asynchronously, appendonly, once, second, everysec, let, flush, writes, waiting, appendfsync, compared, aof_rewrite_percent, 16mb, aof_rewrite_min_size, rehashing, activerehashing, onwards, underneath, functions, supposed, fork, continue, populate, ssl_versions, reindexer_vhost, rabbit_mgmt_timeout, rabbit_mgmt_ibrowse_options, rabbit_mgmt_http_max_count, rabbit_mgmt_http_max_connection_duration, rabbit_mgmt_http_max_age, rabbit_mgmt_http_init_count, rabbit_mgmt_http_cull_interval, queue_length_monitor_vhost, alaska, queue_length_monitor_queue, calls, overloaded, queue_length_monitor_timeout_millis, checked, queue_length_monitor_millis, queue_length_monitor_enabled, queue_at_capacity_affects_overall_status, prevent_erchef_startup_on_full_capacity, rabbit, nodename, 5672, node_port, node_ip_address, rabbitmgmt, management_user, 15672, management_port, management_enabled, drop_on_full_capacity, hotsauce, queued, drops, make, room, analytics_max_length, actions_vhost, actions_password, exchange, actions_exchange, 8mb, sorting, work_mem, hardcoded, user_path, 7200, pg_upgrade_timeout, clear, sslmode, 17179869184, shmmax, 4194304, shmall, shared_buffers, 5432, encrypt, hashes, 350, concurrent, logged, disabled, slow, log_min_duration_statement, source, listen_address, keepalives_interval, remain, resume, keepalives_idle, proves, dropping, keepalives_count, effective_cache_size, db_superuser_password, dashes, replaced, underscores, opscode_pgsql, db_connection_superuser, 30s, filled, checkpoint_warning, 5min, checkpoint_timeout, checkpoint_segments, quickly, relation, status, checkpoint_completion_target, documentation, supports, listening, raise, buffer, amout, pending, ram_buffer_size, secondary, polls, primary, poll_seconds, variable, segment, merge_factor, merged, 2147483647, max_merge_docs, complete, building, 100000, max_field_length, max_commit_docs, log_gc, empty, ip_address, ec11, smaller, commit_interval, soft, commit, triggered, auto_soft_commit, reindexer_log_directory, latency, calculating, exact, impact, capps, 000, validator, validation_client_name, 0022, umask, udp_socket_pool_size, could, affect, determined, redundant, checks, been, picks, batch, search_queue_mode, search_provider, opensearch_user, search_auth_username, search_auth_password, connecting, mainly, manually, eliminate, some, buckets, future, s3_url_type, 28800, bootstraps, specific, fifteen, 15m, s3_url_expiry_window_size, s3_parallel_ops_timeout, s3_parallel_ops_fanout, bucket, locations, s3_bucket, chefapi, root_metric_key, case, reindex_item_retries, 500, items, fetch, reindex_batch_size, 8000, serves, cached, nginx_bookshelf_caching, 2000000, 413, entity, max_request_size, include, server_version, include_version_in_status, enable_ibrowse_traces, premium, enable_actionlog, unsolved, depsolver, workers, seeing, 503, unavailable, pgrep, depselector, depsolver_worker_count, solved, depsolver_timeout, couchdb_max_conn, cleanup_batch_size, careful, increasing, resolved, increment, approach, updating, cbv_cache_item_ttl, very, long, worth, makes, incrementing, give, subsequent, cookbook_versions, deserialized, applies, base_resource_url, authz_timeout, authz_fanout, auth_skew, knife, allow_email_update_only_from_manage, sandboxes, erlang, areas, solr_timeout, solr_ibrowse_options, solr_http_max_count, solr_http_max_connection_duration, solr_http_max_age, solr_http_init_count, solr_http_cull_interval, od_id, 9090, onetrust_id, consent, verification, email_from_address, none, mycompany, auth, chef_oauth2, callback, redirect_uri, define, user1, user2, administrators, webui_priv, pem, traffic, log_http_requests, tests, debug_org_creation, max_connection_request_limit, established, oc_erchef, authz, superuser_id, bifrost_ro, 9463, extended_perf_log, failures, indicate, ran, x_forwarded_proto, cpu, 10240, simultaneous, welcome, shown, show_welcome_page, useful, combination, use_implicit_hosts, jun, 2018, 0900, time_local, 2020, 21t07, time_format, tcp, transactions, tcp_nopush, nagle, buffering, algorithm, tcp_nodelay, nginx_status, 9999, accessing, matches, state, province, region, ssl_state_name, enhanced, defaulted, linux, unix, necessary, life, operations, ssl_organizational_unit_name, seattle, city, ssl_locality_name, ssl_email_address, country, ssl_country_name, youcorp, ssl_company_name, psk, cipher, suites, establish, aes256, ecdhe, forward, drop, prefix, link, sha, rsa, ssl_certificate_key, over, ssl_certificate, server_name, copy, descriptors, bound, otherwise, requires, master, nginx_no_root, http_x_forwarded_for, remote_addr, log_x_forwarded_for, keepalive_timeout, year, 63072000, till, browser, caches, hsts, hsts_max_age, rss, css, plain, mime, types, gzip_types, gzip_proxied, depending, gzip_http_version, fastest, slowest, gzip_comp_level, enable_stub_status, termination, hardware, endpoints, internet, ipv6, enable_ipv6, 250m, accepted, indicated, client_max_body_size, 5000m, parameter, directive, removes, recently, proxy_cache_path, max_size, cache_max_size, descriptive, displayed, interface, display, strings, system_adjective, cause, simple_tls, 389, configurations, samaccountname, holds, login_attribute, sure, resolve, filters, works, servers, openldap, overlay, provides, binding, unset, sufficient, need, characters, escaped, backslash, character, perform, needs, blank, exist, structure, missing, unable, proceed, 9683, oc_bifrost_port, 9680, chef_port, 9685, account_port, internal, couchdb_organizations, couchdb_groups, couchdb_containers, couchdb_associations, couchdb_association_requests, couchdb_acls, 503_mode, web_ui_fqdn, redis_keepalive_timeout, redis_connection_timeout, 250, redis_connection_pool_size, maint_refresh_interval, chef_server_webui, chef_min_version, chef_max_version, cache_cookbook_files, ban_refresh_interval, statistics, 9466, boolean, controls, included, overall, healthy, cannot, health_check, passed, choose, reject, check, signature, right, just, present, appended, correctly, uri, look, my_automate_server, sql_users, performs, quick_start, new_theme, add_type_and_bag_to_items, expected, indicates, generally, stream, downloading, improved, especially, behavior, stream_download, instances, 4321, tier, manual, role, addressed, notification_email, www, pricing, visit, upgrade_url, donotreply, invitations, installed, install_path, supporting, compatibility, rendering, written, kernel, force, flavor, org_name, default_orgname, api_version, reconfigured, sections, describe, various, menu,
Text of the page (random words):
e opt opscode from_email the email address from which invitations to the chef management console are sent default value opscode donotreply chef io license nodes the number of licensed nodes default value 25 license upgrade_url the url to visit for more information about how to update the number of nodes licensed for an organization default value https www chef io pricing notification_email the email addressed to which email notifications are sent default value pc default chef io role the configuration type of the chef infra server possible values backend frontend or standalone default value standalone topology the topology of the chef infra server possible values manual standalone and tier default value standalone bookshelf the bookshelf service is an amazon simple storage service s3 compatible service that is used to store cookbooks including all of the files recipes templates and so on that are associated with each cookbook note to configure the server for external cookbook storage updates are made to settings for both the bookshelf and opscode erchef services this configuration file has the following settings for bookshelf bookshelf access_key_id deprecated use chef server ctl set secret bookshelf access_key_id from the secrets management commands the access key identifier this may point at an external storage location such as amazon ec2 see aws external bookshelf settings for more information on configuring external bookshelf default value generated bookshelf data_dir the directory in which on disk data is stored the default value is the recommended value default value var opt opscode bookshelf data bookshelf dir the working directory the default value is the recommended value default value var opt opscode bookshelf bookshelf enable enable a service default value true bookshelf enable_request_logging use to configure request logging for the bookshelf service default value false bookshelf external_url the base url to which the service is to return links to api resources use host_header to ensure the url is derived from the host header of the incoming http request default value host_header bookshelf listen the ip address on which the service is to listen default value 127 0 0 1 bookshelf log_directory the directory in which log data is stored the default value is the recommended value default value var log opscode bookshelf bookshelf log_rotation the log rotation policy for this service log files are rotated when they exceed file_maxbytes the maximum number of log files in the rotation is defined by num_to_keep default value file_maxbytes 104857600 num_to_keep 10 bookshelf port the port on which the service is to listen default value 4321 bookshelf secret_access_key deprecated use chef server ctl set secret bookshelf secret_access_key from the secrets management commands the secret key this may point at an external storage location such as amazon ec2 see aws external bookshelf settings for more information on configuring external bookshelf default value generated bookshelf storage_type determines where cookbooks are stored default value filesystem in instances that require cookbooks to be stored within a sql backend such as in a high availability setup you must set storage_type to sql bookshelf storage_type sql bookshelf stream_download enable stream downloading of cookbooks this setting when true typically results in improved cookbook download performance especially with the memory usage of the bookshelf service and the behavior of load balancers and proxies in between chef infra client and the chef infra server default value true bookshelf sql_connection_user the postgresql user name in username hostname format e g bookshelf my_postgresql postgres database azure com where username would normally equal the value of bookshelf sql_user default bookshelf this setting is required in an external azure postgresql database as a service configuration if set to nil chef infra server assumes that the database is not on azure and the postgresql connection will be made using the value specified in bookshelf sql_user default value nil bookshelf vip the virtual ip address this may point at an external storage location such as amazon ec2 see aws external bookshelf settings for more information on configuring external bookshelf default value 127 0 0 1 bootstrap this configuration file has the following settings for bootstrap bootstrap enable indicates whether an attempt to bootstrap the chef infra server is made generally only enabled on systems that have bootstrap enabled via a server entry default value true compliance forwarding the configuration file has the following settings for forwarding compliance requests using the chef infra server authentication system profiles root_url if set any properly signed requests arriving at organizations orgname owners owner compliance will be forwarded to this url this is expected to be a fully qualified resource e g http compliance example org owners owner compliance dark_launch this configuration file has the following settings for dark_launch dark_launch actions enable chef actions default value true dark_launch add_type_and_bag_to_items default value true dark_launch new_theme default value true dark_launch private chef default value true dark_launch quick_start default value false dark_launch reporting enable reporting which performs data collection during a chef infra client run default value true dark_launch sql_users default value true data_collector this configuration file has the following settings for data_collector data_collector root_url the fully qualified url to the data collector server api when present it will enable the data collector in opscode erchef this also enables chef infra server authenticated forwarding any properly signed requests arriving at organizations orgname data collector to this url with the data collector token appended this is also target for requests authenticated and forwarded by the organizations orgname data collector endpoint for the forwarding to work correctly the data_collector token field must also be set for example if the data collector in chef automate is being used the uri would look like http my_automate_server example org data collector v0 data_collector proxy if set to true chef infra server will proxy all requests sent to data collector to the configured chef automate data_collector root_url note that this route does not check the request signature and add the right data_collector token but just proxies the chef automate endpoint as is default value nil data_collector token deprecated use chef server ctl set secret data_collector token from the secrets management commands legacy configuration for shared data collector security token when configured the token will be passed as an http header named x data collector token which the server can choose to accept or reject data_collector timeout the amount of time in milliseconds before a request to the data collector api times out default value 30000 data_collector http_init_count the initial worker count for the http connection pool that is used by the data collector default value 25 data_collector http_max_count the maximum worker count for the http connection pool that is used by the data collector default value 100 data_collector http_max_age the maximum connection worker age in seconds for the http connection pool that is used by the data collector default value 70 sec data_collector http_cull_interval the maximum cull interval in minutes for the http connection pool that is used by the data collector default value 1 min data_collector http_max_connection_duration the maximum connection duration in seconds for the http connection pool that is used by the data collector default value 70 sec data_collector ibrowse_options an array of comma separated key value pairs of ibrowse options for the http connection pool that is used by the data collector default value connect_timeout 10000 data_collector health_check a boolean that controls whether the data collector health is included in the overall health at the _status endpoint when set to true chef infra server will report that healthy front end chef ha cluster members have failed when the data_collector root_url cannot be reached as a result the load balancer will remove those members from the load balancer pool default value true estatsd this configuration file has the following settings for estatsd estatsd dir the working directory the default value is the recommended value default value var opt opscode estatsd estatsd enable enable a service default value true estatsd log_directory the directory in which log data is stored the default value is the recommended value default value var log opscode estatsd estatsd port the port on which the service is to listen default value 9466 estatsd protocol use to send application statistics with statsd protocol formatting set this value to statsd to apply statsd protocol formatting estatsd vip the virtual ip address default value 127 0 0 1 jetty this configuration file has the following settings for jetty jetty enable setting eol in chef infra server 14 enable a service this value should not be modified default value false jetty log_directory setting eol in chef infra server 14 the directory in which log data is stored the default value is the recommended value default value var opt opscode opscode solr4 jetty logs lb lb_internal this configuration file has the following settings for lb lb api_fqdn the fqdn for the chef infra server fqdns must always be in lowercase default value node fqdn lb ban_refresh_interval default value 600 lb bookshelf default value 127 0 0 1 lb cache_cookbook_files default value false lb chef_max_version the maximum version of chef infra client that is allowed to access the chef infra server via the chef infra server api default value 11 lb chef_min_version the minimum version of chef infra client that is allowed to access the chef infra server via the chef infra server api default value 10 lb chef_server_webui default value 127 0 0 1 lb debug default value false lb enable enable a service default value true lb erchef default value 127 0 0 1 lb maint_refresh_interval default value 600 lb redis_connection_pool_size default value 250 lb redis_connection_timeout the amount of time in milliseconds to wait before timing out default value 1000 lb redis_keepalive_timeout the amount of time in milliseconds to wait before timing out default value 2000 lb upstream bookshelf the default value is the recommended value default value 127 0 0 1 lb upstream oc_bifrost the default value is the recommended value default value 127 0 0 1 lb upstream opscode_erchef the default value is the recommended value default value 127 0 0 1 lb upstream opscode_solr4 the default value is the recommended value default value 127 0 0 1 lb vip the virtual ip address default value 127 0 0 1 lb web_ui_fqdn fqdns must always be in lowercase default value node fqdn lb xdl_defaults 503_mode the default value is the recommended value default value false lb xdl_defaults couchdb_acls the default value is the recommended value default value true lb xdl_defaults couchdb_association_requests the default value is the recommended value default value true lb xdl_defaults couchdb_associations the default value is the recommended value default value true lb xdl_defaults couchdb_containers the default value is the recommended value default value true lb xdl_defaults couchdb_groups the default value is the recommended value default value true lb xdl_defaults couchdb_organizations the default value is the recommended value default value true and for the internal load balancers lb_internal account_port default value 9685 lb_internal chef_port default value 9680 lb_internal enable default value true lb_internal oc_bifrost_port default value 9683 lb_internal vip the virtual ip address default value 127 0 0 1 ldap warning the following settings must be in the config file for ldap authentication to active directory to work base_dn bind_dn group_dn host if those settings are missing you will get authentication errors and be unable to proceed this configuration file has the following settings for ldap ldap base_dn the root ldap node under which all other nodes exist in the directory structure for active directory this is typically cn users and then the domain for example ou employees ou domain users dc example dc com default value nil ldap bind_dn the distinguished name used to bind to the ldap server the user the chef infra server will use to perform ldap searches this is often the administrator or manager user this user needs to have read access to all ldap users that require authentication the chef infra server must do an ldap search before any user can log in many active directory and ldap systems do not allow an anonymous bind if anonymous bind is allowed leave the bind_dn and bind_password settings blank if anonymous bind is not allowed a user with read access to the directory is required this user must be specified as an ldap distinguished name similar to cn user ou employees ou domainuser dc example dc com note if you need to escape characters in a distinguished name such as when using active directory they must be escaped with a backslash escape character cn example user ou employees ou domainuser dc example dc com default value nil ldap bind_password deprecated use chef server ctl set secret ldap bind_password from the secrets management commands legacy configuration for the password of the binding user the password for the user specified by ldap bind_dn leave this value and ldap bind_dn unset if anonymous bind is sufficient default value nil chef server ctl set secret ldap bind_password enter ldap bind_password no terminal output re enter ldap bind_password no terminal output remove a set password via chef server ctl remove secret ldap bind_password ldap group_dn the distinguished name for a group when set to the distinguished name of a group only members of that group can log in this feature filters based on the memberof attribute and only works with ldap servers that provide such an attribute in openldap the memberof overlay provides this attribute for example if the value of the memberof attribute is cn abcxyz ou users dc company dc com then use ldap group_dn cn abcxyz ou users dc company dc com ldap host the name or ip address of the ldap server the hostname of the ldap or active directory server be sure the chef infra server is able to resolve any host names default value ldap server host ldap login_attribute the ldap attribute that holds the user s login name use to specify the chef infra server user name for an ldap user default value samaccountname ldap port an integer that specifies the port on which the ldap server listens the default value is an appropriate value for most configurations default value 389 or 636 when ldap encryption is set to simple_tls ldap ssl_enabled cause the chef infra server to connect to ...
|