Meta tags:
description= The /etc/opscode/chef-server.rb file contains all of the non-default
configuration settings used by the Chef Infra Server. The default
settings are built into the Chef Infra Server configuration and should
only be added to the chef-server.rb file to apply non-default values.
These configuration settings are processed when the
chef-server-ctl reconfigure command is run. The chef-server.rb file
is a Ruby file, which means that conditional statements can be used
within it.
Settings
The following sections describe the various settings that are available
in the chef-server.rb file.;
Headings (most frequently used words):
opscode, chef, settings, oc, opensearch, server, rb, optional, general, bookshelf, bootstrap, compliance, forwarding, dark_launch, data_collector, estatsd, jetty, lb, lb_internal, ldap, nginx, oc_bifrost, oc_chef_authz, pedant, id, mover, erchef, expander, solr4, external, elasticsearch, postgresql, rabbitmq, redis_lb, upgrades, user, required_recipe,
Text of the page (most frequently used words):
the (877), value (570), default (497), chef (367), #server (216), infra (173), for (159), this (109), opscode (99), log (97), and (93), which (92), postgresql (88), service (88), that (84), data (82), nginx (80), are (74), setting (73), rabbitmq (72), true (66), set (64), settings (62), directory (60), enable (59), opscode_erchef (57), used (54), number (54), ldap (53), configuration (53), with (52), opensearch (51), file (51), recommended (51), when (50), user (48), eol (48), var (47), management (46), overview (46), bookshelf (43), version (43), false (42), use (41), maximum (41), files (40), elasticsearch (39), will (37), install (37), nodes (35), 127 (35), amount (35), external (34), opt (33), automate (33), oc_bifrost (32), node (32), following (32), rotation (32), redis_lb (31), port (31), connection (31), has (30), memory (30), num_to_keep (30), builder (30), stored (29), api (29), client (29), file_maxbytes (29), configure (29), ctl (28), database (28), aws (28), oc_id (28), deployment (28), not (26), address (26), http (25), only (23), search (23), nil (23), name (23), seconds (23), about (23), policy (22), supermarket (22), must (22), time (22), note (22), opscode_solr4 (22), users (22), values (21), password (21), system (21), new (21), data_collector (20), from (20), habitat (20), compliance (19), run (19), manage (19), before (19), upgrade (19), listen (18), using (18), opscode_chef_mover (18), collector (18), request (17), log_directory (17), than (17), ssl (17), azure (17), example (17), config (17), packages (17), all (16), you (16), can (16), cookbook (16), may (16), username (16), working (16), dir (16), they (16), log_rotation (16), prem (16), secrets (15), virtual (15), possible (15), exceed (15), specified (15), solr (15), allowed (15), cookbooks (14), queue (14), 104857600 (14), rotated (14), requests (14), pool (14), apache (14), available (14), stub_status (14), backend (14), license (14), reference (14), between (13), community (13), should (13), command (13), keys (13), secret (13), generated (13), vip (13), defined (13), actions (13), also (13), index (13), workstation (13), any (12), estatsd (12), applications (12), create (12), size (12), versions (12), plugin (12), com (12), url (12), console (12), sql_user (12), add (12), 360 (12), managed (12), see (11), solr4 (11), erchef (11), oc_chef_authz (11), dark_launch (11), amazon (11), application (11), platform (11), frequency (11), defaults (11), information (11), milliseconds (11), made (11), organization (11), organizations (11), upgrades (10), expander (10), storage (10), authentication (10), location (10), specify (10), services (10), remove (10), more (10), tlsv1 (10), host (10), connections (10), configured (10), package (10), updates (10), update (10), resources (10), backup (10), restore (10), effortless (10), recovery (10), saas (10), started (10), bootstrap (9), your (9), every (9), token (9), whether (9), override (9), timeout (9), key (9), disk (9), bind (9), active (9), endpoint (9), required (9), heap_size (9), java_opts (9), out (9), running (9), access (9), origin (9), security (9), other (8), page (8), lb_internal (8), where (8), feature (8), enabled (8), such (8), legacy (8), 10000 (8), logging (8), data_dir (8), worker (8), length (8), monitor (8), get (8), new_size (8), machine (8), private (8), logs (8), style (8), load (8), email (8), fqdn (8), https (8), company (8), supported (8), certificate (8), cloud (8), prerequisites (8), disaster (8), requirements (8), desktop (8), guide (8), certificates (8), iam (8), does (7), required_recipe (7), mover (7), jetty (7), forwarding (7), general (7), non (7), store (7), objects (7), wait (7), high (7), options (7), 100 (7), messages (7), disable (7), greater (7), cache (7), equal (7), depends (7), opscode_expander (7), response (7), bind_password (7), xdl_defaults (7), cluster (7), terms (6), pedant (6), optional (6), feedback (6), each (6), based (6), tokens (6), results (6), via (6), group (6), path (6), clients (6), list (6), under (6), least (6), availability (6), append (6), always (6), instead (6), base (6), exceeds (6), work (6), sent (6), encryption (6), have (6), format (6), would (6), hostname (6), then (6), queries (6), documents (6), etc (6), send (6), sec (6), fqdns (6), protocol (6), local (6), ports (6), deprecated (6), login (6), commands (6), audit (6), migrate (6), inspec (6), cookstyle (6), troubleshooting (6), integrations (6), dashboard (6), enterprise (6), names (5), their (5), licensing (5), support (5), connect (5), minutes (5), 1000 (5), starting (5), return (5), warning (5), 30000 (5), count (5), duration (5), start (5), unique (5), front (5), db_superuser (5), text (5), require (5), total (5), 1024 (5), normally (5), assumes (5), my_postgresql (5), postgres (5), checkpoint (5), favor (5), script (5), single (5), located (5), performance (5), read (5), times (5), content (5), header (5), roles (5), oc_chef_pedant (5), authorization (5), compression (5), fips (5), manager (5), attribute (5), distinguished (5), bind_dn (5), resource (5), profiles (5), download (5), setup (5), progress (4), trademarks (4), owners (4), field (4), document (4), into (4), added (4), these (4), ruby (4), within (4), view (4), enables (4), oauth (4), credentials (4), properly (4), like (4), bags (4), object (4), administrator (4), bin (4), home (4), redis (4), expired (4), random (4), those (4), error (4), keepalive (4), topology (4), minimum (4), connect_timeout (4), 5000 (4), fail (4), capacity (4), localhost (4), being (4), permission (4), mode (4), integer (4), zero (4), directly (4), ignored (4), calculated (4), here (4), heap (4), less (4), many (4), often (4), jvm_opts (4), item (4), temporary (4), scripts (4), plugins (4), committed (4), incoming (4), rate (4), processes (4), increase (4), usage (4), during (4), runs (4), ensure (4), reconfigure (4), sql_connection_user (4), timing (4), point (4), ec2 (4), configuring (4), without (4), reindex_sleep_min_ms (4), reindex_sleep_max_ms (4), verify (4), open (4), maintained (4), db_pool_size (4), host_header (4), sql_password (4), lowercase (4), module (4), enable_non_ssl (4), type (4), gzip (4), ssl_enabled (4), corporate (4), anonymous (4), upstream (4), formatting (4), balancer (4), root_url (4), signed (4), standalone (4), downloads (4), uninstall (4), groups (4), saml (4), packs (4), apis (4), quick (4), deprecations (4), cops (4), firewalls (4), core (4), origins (4), profile (4), minio (4), enrollment (4), infrastructure (4), getting (4), migration (4), courier (4), jobs (4), app (4), integration (4), a2ha (4), premises (4), platforms (4), edition (4), product (3), software (3), one (3), 2025 (3), table (3), contents (3), how (3), github (3), including (3), uses (3), provider (3), privileged (3), root (3), level (3), changes (3), systems (3), self (3), docs (3), shell (3), pattern (3), volatile (3), frequently (3), write (3), fsync (3), current (3), larger (3), same (3), vhost (3), tls (3), reindexer (3), array (3), ibrowse (3), _status (3), identity (3), provide (3), megabytes (3), currently (3), account (3), shared (3), query (3), statement (3), private_chef (3), superuser (3), segments (3), faster (3), determine (3), attempts (3), whichever (3), mbs (3), there (3), enough (3), characteristics (3), increases (3), fewer (3), several (3), hundred (3), 3gb (3), 9200 (3), external_url (3), able (3), tuned (3), too (3), occur (3), hash (3), variables (3), retry (3), failure (3), 2000 (3), failed (3), attempt (3), both (3), large (3), part (3), enable_request_logging (3), updated (3), keep (3), place (3), environments (3), min (3), domain (3), output (3), bifrost (3), listens (3), previous (3), secure (3), macos (3), windows (3), end (3), rc4 (3), communication (3), forwarded (3), json (3), xml (3), balancers (3), group_dn (3), members (3), memberof (3), employees (3), statsd (3), report (3), accept (3), orgname (3), collection (3), sql (3), storage_type (3), filesystem (3), frontend (3), notifications (3), addons (3), herein (2), corporation (2), its (2), subsidiaries (2), affiliates (2), appropriate (2), rights (2), contained (2), reserved (2), respective (2), modified (2), cookie (2), improve (2), yes (2), contains (2), apply (2), statements (2), simple (2), compatible (2), ensures (2), process (2), message (2), indexed (2), recipe (2), who (2), target (2), embedded (2), 300 (2), idle (2), change (2), 900 (2), noeviction (2), randomly (2), lru (2), don (2), expire (2), allkeys (2), applied (2), reached (2), notice (2), debug (2), databases (2), dump (2), per (2), after (2), operating (2), rewritten (2), keydb (2), because (2), conjunction (2), route (2), comma (2), separated (2), pairs (2), age (2), initial (2), cull (2), interval (2), observed (2), analytics (2), stop (2), monitored (2), full (2), identifier (2), management_password (2), consumer (2), published (2), consumer_id (2), automatically (2), publishes (2), publish (2), actions_user (2), pgsql (2), 128 (2), passwords (2), md5_auth_cidr_addresses (2), trust_auth_cidr_addresses (2), to_i (2), dedicated (2), caching (2), md5 (2), max_connections (2), respond (2), probes (2), ram (2), checkpoints (2), completion (2), percentage (2), finish (2), next (2), done (2), sizes (2), learn (2), 16th (2), bounded (2), equivalent (2), optionn (2), xoption2 (2), xoption1 (2), placed (2), entries (2), jvm (2), initial_cluster_join_timeout (2), enable_gc_log (2), tmp (2), startup (2), creates (2), immediately (2), below (2), temp_directory (2), scripts_directory (2), plugins_directory (2), paths (2), indexing (2), specifies (2), 8983 (2), flushed (2), environment (2), newsize (2), increased (2), carefully (2), blocked (2), short (2), asked (2), actually (2), but (2), 60000 (2), matching (2), track_total_hits (2), affects (2), actor (2), result (2), returned (2), strict_search_result_acls (2), acl (2), searches (2), skip (2), opscode_chef (2), urls (2), s3_url_ttl (2), off (2), sending (2), sleep (2), retrying (2), retries (2), delayed (2), miliseconds (2), delay (2), body (2), max_cache_size (2), 256 (2), ibrowse_max_sessions (2), ibrowse_max_pipeline_size (2), dependency (2), problems (2), errors (2), given (2), stale (2), entry (2), cbv_cache_enabled (2), enabling (2), receive (2), old (2), 3600 (2), cache_ttl (2), bulk_fetch_batch_size (2), links (2), derived (2), handle (2), sql_database (2), api_fqdn (2), outbound (2), onetrust (2), enable_onetrust (2), from_email (2), similar (2), named (2), ibrowse_options (2), http_max_count (2), http_max_connection_duration (2), http_max_age (2), http_init_count (2), http_cull_interval (2), sql_ro_user (2), sql_ro_password (2), worker_connections (2), worker_processes (2), determines (2), addresses (2), strict_host_header (2), time_iso8601 (2), listen_port (2), listen_host (2), allow_list (2), ssl_protocols (2), releases (2), later (2), older (2), 443 (2), ssl_port (2), ssl_ciphers (2), sendfile (2), redirects (2), webui (2), non_ssl_port (2), 31536000 (2), javascript (2), most (2), earlier (2), reindex (2), export (2), csc_lb_url (2), allow (2), first (2), 636 (2), tls_enabled (2), abcxyz (2), enter (2), terminal (2), leave (2), domainuser (2), escape (2), typically (2), base_dn (2), 600 (2), health (2), proxy (2), proxies (2), fully (2), qualified (2), authenticated (2), arriving (2), org (2), reporting (2), owner (2), secret_access_key (2), access_key_id (2), licensed (2), insecure_addon_compat (2), remediation (2), release (2), notes (2), share (2), what (2), scaffolding (2), attributehelper (2), attributedefault (2), useplatformhelpers (2), unnecessaryplatformcasestatement (2), unnecessaryoscheck (2), trueclassfalseclassresourceproperties (2), simplifyplatformmajorversioncheck (2), overlycomplexsupportsdependsmetadata (2), negatingonlyif (2), includerecipewithparentheses (2), immediatenotificationtiming (2), filemode (2), defaultcopyrightcomments (2), copyrightcommentformat (2), commentsentencespacing (2), commentformat (2), chefwhaaat (2), attributekeys (2), invalidlicensestring (2), insecurecookbookurl (2), includeresourceexamples (2), includeresourcedescriptions (2), includepropertydescriptions (2), emptymetadatafield (2), defaultmetadatamaintainer (2), sharing (2), sshprivatekey (2), unlessdefinedrequire (2), requirenethttps (2), legacypowershelloutmethods (2), gemspecrequirerubygems (2), gemspeclicense (2), usecreateifmissing (2), unnecessarynameproperty (2), unnecessarydesiredstate (2), suggestsmetadata (2), stringpropertywithnildefault (2), sensitivepropertyinresource (2), resourcewithnothingaction (2), replacesmetadata (2), recipemetadata (2), providesmetadata (2), propertywithrequiredanddefault (2), propertysplatregex (2), ohaiattributetostring (2), namepropertyisrequired (2), multipleplatformchecks (2), longdescriptionmetadata (2), groupingmetadata (2), doublecompiletime (2), customresourcewithallowedactions (2), conflictsmetadata (2), attributemetadata (2), aptrepositorynotifiesaptupdate (2), aptrepositorydistributiondefault (2), redundantcode (2), zipfileresource (2), windowszipfileusage (2), windowsscresource (2), windowsregistryuac (2), whyrunsupportedtrue (2), useszypperrepo (2), userequirerelative (2), usemultipackageinstalls (2), usecheflanguagesystemdhelper (2), usecheflanguageenvhelpers (2), usecheflanguagecloudhelpers (2), usebuildessentialresource (2), unnecessarymixlibshelloutrequire (2), unnecessarydependschef15 (2), unnecessarydependschef14 (2), sysctlparamresource (2), simplifyaptppasetup (2), shellouttochocolatey (2), shellouthelper (2), sevenziparchiveresource (2), setorreturninresources (2), respondtoresourcename (2), respondtoprovides (2), respondtoinmetadata (2), respondtocompiletime (2), resourcenamefrominitialize (2), resourceforcingcompiletime (2), providesfrominitialize (2), propertywithnameattribute (2), powershellscriptexpandarchive (2), powershellinstallwindowsfeature (2), powershellinstallpackage (2), powershellguardinterpreter (2), osxconfigprofileresource (2), opensslx509resource (2), opensslrsakeyresource (2), noderolesinclude (2), nodeinitpackage (2), minitesthandlerusage (2), macosxuserdefaults (2), libarchivefileresource (2), legacyberksfilesource (2), includingwindowsdefaultrecipe (2), includingohaidefaultrecipe (2), includingmixinshelloutinresources (2), includingaptdefaultrecipe (2), ifprovidesdefaultaction (2), foodcriticcomments (2), executetzutil (2), executesysctl (2), executesleep (2), executescexe (2), executeaptupdate (2), emptyresourceinitializemethod (2), dslincludeinresource (2), dependsonzyppercookbook (2), dependsonwindowsfirewallcookbook (2), dependsontimezonelwrpcookbook (2), dependsonopensslcookbook (2), dependsonlocalecookbook (2), dependsonkernelmodulecookbook (2), dependsonchocolateycookbooks (2), dependsonchefvaultcookbook (2), definitions (2), defineschefspecmatchers (2), defaultactionfrominitialize (2), declareactionclass (2), databaghelpers (2), customresourcewithattributes (2), cronmanageresource (2), crondfileortemplate (2), conditionalusingtest (2), classevalactionclass (2), chefgemnokogiri (2), allowedactionsfrominitialize (2), actionmethodinresource (2), modernize (2), searchforenvironmentsorroles (2), dependschefvault (2), cookbookusessearch (2), cookbookusesroles (2), cookbookusespolicygroups (2), cookbookusesenvironments (2), cookbookusesdatabags (2), chefvaultused (2), berksfile (2), windowsversionhelpers (2), windowstaskchangeaction (2), windowspackageinstallertypestring (2), windowsfeatureservermanagercmd (2), verifypropertyusesfileexpansion (2), useyamldump (2), usesruncommandhelper (2), usesdeprecatedmixins (2), useschefresthelpers (2), userdeprecatedsupportsproperty (2), useinlineresourcesdefined (2), useautomaticresourcename (2), searchusespositionalparameters (2), rubyblockcreateaction (2), ruby27keywordargumentwarnings (2), resourcewithoutunifiedtrue (2), resourceusesupdatedmethod (2), resourceusesproviderbasemethod (2), resourceusesonlyresourcename (2), resourceusesdslnamemethod (2), resourceoverridesprovidesmethod (2), resourceinheritsfromcompatresource (2), requirerecipe (2), powershellcookbookhelpers (2), policyfilecommunitysource (2), poisearchiveusage (2), partialsearchhelperusage (2), partialsearchclassusage (2), nodesetwithoutlevel (2), nodesetunless (2), nodeset (2), nodemethodsinsteadofattributes (2), nodedeepfetch (2), namepropertywithdefaultvalue (2), macosuserdefaultsglobalproperty (2), logresourcenotifications (2), localedeprecatedlcallproperty (2), librarianchefspec (2), legacyyumcookbookrecipes (2), legacynotifysyntax (2), launchddeprecatedhashproperty (2), includingyumdnfcompatrecipe (2), includingxmlrubyrecipe (2), hwrpwithoutunifiedtrue (2), hwrpwithoutprovides (2), foodcritictesting (2), foodcriticfile (2), executerelativecreateswithoutcwd (2), executepathproperty (2), erlcallresource (2), epicfail (2), eolauditmodeusage (2), easyinstallresource (2), deprecatedyumrepositoryproperties (2), deprecatedyumrepositoryactions (2), deprecatedwindowsversioncheck (2), deprecatedsudoactions (2), deprecatedshelloutmethods (2), deprecatedplatformmethods (2), deprecatedchefspecplatform (2), dependsonomnibusupdatercookbook (2), dependsonchefreportingcookbook (2), dependsonchefnginxcookbook (2), delivery (2), cookbooksdependsonself (2), cookbookdependsonpoise (2), cookbookdependsonpartialsearch (2), cookbookdependsoncompatresource (2), chocolateypackageuninstallaction (2), chefwindowsplatformhelper (2), chefsugarhelpers (2), chefspeclegacyrunner (2), chefspeccoveragereport (2), chefshellout (2), chefrewind (2), chefhandlerusessupports (2), chefhandlerrecipe (2), cheffile (2), chefdkgenerators (2), tmppath (2), supportsmustbefloat (2), serviceresource (2), scopedfileexist (2), resourcewithnoneaction (2), resourcesetsnameproperty (2), resourcesetsinternalproperties (2), propertywithouttype (2), powershellscriptdeletefile (2), powershellfileexists (2), opensslpasswordhelpers (2), octalmodeasstring (2), notifiesactionnotsymbol (2), nodenormalunless (2), nodenormal (2), metadatamissingversion (2), metadatamissingname (2), metadatamalformeddepends (2), malformedplatformvalueforplatformhelper (2), macosuserdefaultsinvalidtype (2), lazyinresourceguard (2), lazyevalnodeattributedefaults (2), invalidversionmetadata (2), invalidplatformvalueforplatformhelper (2), invalidplatformvalueforplatformfamilyhelper (2), invalidplatformmetadata (2), invalidplatformincase (2), invalidplatformhelper (2), invalidplatformfamilyincase (2), invalidplatformfamilyhelper (2), invalidnotificationtiming (2), invalidnotificationresource (2), invaliddefaultaction (2), invalidcookbookname (2), incorrectlibraryinjection (2), emptyresourceguard (2), dnfpackageallowdowngrades (2), cookbookusesnodesave (2), conditionalrubyshellout (2), chefapplicationfatal (2), blockguardwithonlystring (2), correctness (2), v25 (2), v26 (2), tuning (2), tiered (2), installation (2), airgap (2), planning (2), plan (2), refresh (2), strategy (2), membership (2), rbac (2), rotate (2), certs (2), separate (2), scale (2), artifactory (2), artifact (2), warm (2), spare (2), env (2), windows_update_settings (2), windows_power_management (2), windows_password_policy (2), windows_ie_esc (2), windows_firewall (2), windows_disk_encryption (2), windows_desktop_winrm_settings (2), windows_desktop_screensaver (2), windows_defender_exclusion (2), windows_defender (2), windows_choco_installer (2), windows_automatic_logout (2), windows_app_management (2), windows_admin_control (2), rescue_account (2), macos_power_management (2), macos_password_policy (2), macos_firewall (2), macos_disk_encryption (2), macos_desktop_screensaver (2), macos_automatic_software_updates (2), macos_automatic_logout (2), macos_app_management (2), macos_admin_control (2), touch (2), redirect (2), sso (2), opsworks (2), skills (2), administration (2), guides (2), enroll (2), clis (2), san (2), best (2), practices (2), flags (2), cli (2), architecture (2), incident (2), servicenow (2), marketplace (2), scan (2), reports (2), eas (2), event (2), feed (2), teams (2), policies (2), projects (2), lifecycle (2), feeds (2), cleanup (2), monitoring (2), centralize (2), ingestion (2), invalid (2), telemetry (2), session (2), disclosure (2), panel (2), banner (2), topics (2), bastion (2), sudo (2), rds (2), vpc (2), cidr (2), faqs (2), benchmarks (2), custom (2), bootstrapping (2), generation (2), existing (2), efs (2), back (2), customer (2), airgapped (2), tutorial (2), shortcodes (2), matter (2), reuse (2), hugo (2), procedures (2), tables (2), headings (2), notices (2), markdown (2), lists (2), linking (2), tools (2), house (2), contribute (2), guidelines (2), contributions (2), commercial (2), training (2), blog (2), main (2), certain, registered, countries, markings, inclusion, imply, endorsement, affiliation, sponsorship, copyright, 2026, last, january, privacy, trademark, site, map, thank, submit, fill, ask, contact, still, stuck, edit, help, was, helpful, built, processed, means, conditional, recipes, templates, associated, authorized, issued, special, pulled, indexes, searching, timely, serve, owned, world, writeable, allows, regardless, targeted, expert, practitioners, delivering, isolated, agent, further, explanation, found, development, saves, save, save_frequency, 16379, nearest, ttl, operation, maxmemory_policy, bytes, maxmemory, verbose, loglevel, asynchronously, appendonly, once, second, everysec, let, flush, writes, waiting, appendfsync, compared, aof_rewrite_percent, 16mb, aof_rewrite_min_size, rehashing, activerehashing, onwards, underneath, functions, supposed, fork, continue, populate, ssl_versions, reindexer_vhost, rabbit_mgmt_timeout, rabbit_mgmt_ibrowse_options, rabbit_mgmt_http_max_count, rabbit_mgmt_http_max_connection_duration, rabbit_mgmt_http_max_age, rabbit_mgmt_http_init_count, rabbit_mgmt_http_cull_interval, queue_length_monitor_vhost, alaska, queue_length_monitor_queue, calls, overloaded, queue_length_monitor_timeout_millis, checked, queue_length_monitor_millis, queue_length_monitor_enabled, queue_at_capacity_affects_overall_status, prevent_erchef_startup_on_full_capacity, rabbit, nodename, 5672, node_port, node_ip_address, rabbitmgmt, management_user, 15672, management_port, management_enabled, drop_on_full_capacity, hotsauce, queued, drops, make, room, analytics_max_length, actions_vhost, actions_password, exchange, actions_exchange, 8mb, sorting, work_mem, hardcoded, user_path, 7200, pg_upgrade_timeout, clear, sslmode, 17179869184, shmmax, 4194304, shmall, shared_buffers, 5432, encrypt, hashes, 350, concurrent, logged, disabled, slow, log_min_duration_statement, source, listen_address, keepalives_interval, remain, resume, keepalives_idle, proves, dropping, keepalives_count, effective_cache_size, db_superuser_password, dashes, replaced, underscores, opscode_pgsql, db_connection_superuser, 30s, filled, checkpoint_warning, 5min, checkpoint_timeout, checkpoint_segments, quickly, relation, status, checkpoint_completion_target, documentation, supports, listening, raise, buffer, amout, pending, ram_buffer_size, secondary, polls, primary, poll_seconds, variable, segment, merge_factor, merged, 2147483647, max_merge_docs, complete, building, 100000, max_field_length, max_commit_docs, log_gc, empty, ip_address, ec11, smaller, commit_interval, soft, commit, triggered, auto_soft_commit, reindexer_log_directory, latency, calculating, exact, impact, capps, 000, validator, validation_client_name, 0022, umask, udp_socket_pool_size, could, affect, determined, redundant, checks, been, picks, batch, search_queue_mode, search_provider, opensearch_user, search_auth_username, search_auth_password, connecting, mainly, manually, eliminate, some, buckets, future, s3_url_type, 28800, bootstraps, specific, fifteen, 15m, s3_url_expiry_window_size, s3_parallel_ops_timeout, s3_parallel_ops_fanout, bucket, locations, s3_bucket, chefapi, root_metric_key, case, reindex_item_retries, 500, items, fetch, reindex_batch_size, 8000, serves, cached, nginx_bookshelf_caching, 2000000, 413, entity, max_request_size, include, server_version, include_version_in_status, enable_ibrowse_traces, premium, enable_actionlog, unsolved, depsolver, workers, seeing, 503, unavailable, pgrep, depselector, depsolver_worker_count, solved, depsolver_timeout, couchdb_max_conn, cleanup_batch_size, careful, increasing, resolved, increment, approach, updating, cbv_cache_item_ttl, very, long, worth, makes, incrementing, give, subsequent, cookbook_versions, deserialized, applies, base_resource_url, authz_timeout, authz_fanout, auth_skew, knife, allow_email_update_only_from_manage, sandboxes, erlang, areas, solr_timeout, solr_ibrowse_options, solr_http_max_count, solr_http_max_connection_duration, solr_http_max_age, solr_http_init_count, solr_http_cull_interval, od_id, 9090, onetrust_id, consent, verification, email_from_address, none, mycompany, auth, chef_oauth2, callback, redirect_uri, define, user1, user2, administrators, webui_priv, pem, traffic, log_http_requests, tests, debug_org_creation, max_connection_request_limit, established, oc_erchef, authz, superuser_id, bifrost_ro, 9463, extended_perf_log, failures, indicate, ran, x_forwarded_proto, cpu, 10240, simultaneous, welcome, shown, show_welcome_page, useful, combination, use_implicit_hosts, jun, 2018, 0900, time_local, 2020, 21t07, time_format, tcp, transactions, tcp_nopush, nagle, buffering, algorithm, tcp_nodelay, nginx_status, 9999, accessing, matches, state, province, region, ssl_state_name, enhanced, defaulted, linux, unix, necessary, life, operations, ssl_organizational_unit_name, seattle, city, ssl_locality_name, ssl_email_address, country, ssl_country_name, youcorp, ssl_company_name, psk, cipher, suites, establish, aes256, ecdhe, forward, drop, prefix, link, sha, rsa, ssl_certificate_key, over, ssl_certificate, server_name, copy, descriptors, bound, otherwise, requires, master, nginx_no_root, http_x_forwarded_for, remote_addr, log_x_forwarded_for, keepalive_timeout, year, 63072000, till, browser, caches, hsts, hsts_max_age, rss, css, plain, mime, types, gzip_types, gzip_proxied, depending, gzip_http_version, fastest, slowest, gzip_comp_level, enable_stub_status, termination, hardware, endpoints, internet, ipv6, enable_ipv6, 250m, accepted, indicated, client_max_body_size, 5000m, parameter, directive, removes, recently, proxy_cache_path, max_size, cache_max_size, descriptive, displayed, interface, display, strings, system_adjective, cause, simple_tls, 389, configurations, samaccountname, holds, login_attribute, sure, resolve, filters, works, servers, openldap, overlay, provides, binding, unset, sufficient, need, characters, escaped, backslash, character, perform, needs, blank, exist, structure, missing, unable, proceed, 9683, oc_bifrost_port, 9680, chef_port, 9685, account_port, internal, couchdb_organizations, couchdb_groups, couchdb_containers, couchdb_associations, couchdb_association_requests, couchdb_acls, 503_mode, web_ui_fqdn, redis_keepalive_timeout, redis_connection_timeout, 250, redis_connection_pool_size, maint_refresh_interval, chef_server_webui, chef_min_version, chef_max_version, cache_cookbook_files, ban_refresh_interval, statistics, 9466, boolean, controls, included, overall, healthy, cannot, health_check, passed, choose, reject, check, signature, right, just, present, appended, correctly, uri, look, my_automate_server, sql_users, performs, quick_start, new_theme, add_type_and_bag_to_items, expected, indicates, generally, stream, downloading, improved, especially, behavior, stream_download, instances, 4321, tier, manual, role, addressed, notification_email, www, pricing, visit, upgrade_url, donotreply, invitations, installed, install_path, supporting, compatibility, rendering, written, kernel, force, flavor, org_name, default_orgname, api_version, reconfigured, sections, describe, various, menu,
Text of the page (random words):
iedtrue includingxmlrubyrecipe includingyumdnfcompatrecipe launchddeprecatedhashproperty legacynotifysyntax legacyyumcookbookrecipes librarianchefspec localedeprecatedlcallproperty logresourcenotifications macosuserdefaultsglobalproperty namepropertywithdefaultvalue nodedeepfetch nodemethodsinsteadofattributes nodeset nodesetunless nodesetwithoutlevel partialsearchclassusage partialsearchhelperusage poisearchiveusage policyfilecommunitysource powershellcookbookhelpers requirerecipe resourceinheritsfromcompatresource resourceoverridesprovidesmethod resourceusesdslnamemethod resourceusesonlyresourcename resourceusesproviderbasemethod resourceusesupdatedmethod resourcewithoutunifiedtrue ruby27keywordargumentwarnings rubyblockcreateaction searchusespositionalparameters useautomaticresourcename useinlineresourcesdefined userdeprecatedsupportsproperty useschefresthelpers usesdeprecatedmixins usesruncommandhelper useyamldump verifypropertyusesfileexpansion windowsfeatureservermanagercmd windowspackageinstallertypestring windowstaskchangeaction windowsversionhelpers chef effortless berksfile chefvaultused cookbookusesdatabags cookbookusesenvironments cookbookusespolicygroups cookbookusesroles cookbookusessearch dependschefvault searchforenvironmentsorroles chef modernize actionmethodinresource allowedactionsfrominitialize chefgemnokogiri classevalactionclass conditionalusingtest crondfileortemplate cronmanageresource customresourcewithattributes databaghelpers declareactionclass defaultactionfrominitialize defineschefspecmatchers definitions dependsonchefvaultcookbook dependsonchocolateycookbooks dependsonkernelmodulecookbook dependsonlocalecookbook dependsonopensslcookbook dependsontimezonelwrpcookbook dependsonwindowsfirewallcookbook dependsonzyppercookbook dslincludeinresource emptyresourceinitializemethod executeaptupdate executescexe executesleep executesysctl executetzutil foodcriticcomments ifprovidesdefaultaction includingaptdefaultrecipe includingmixinshelloutinresources includingohaidefaultrecipe includingwindowsdefaultrecipe legacyberksfilesource libarchivefileresource macosxuserdefaults minitesthandlerusage nodeinitpackage noderolesinclude opensslrsakeyresource opensslx509resource osxconfigprofileresource powershellguardinterpreter powershellinstallpackage powershellinstallwindowsfeature powershellscriptexpandarchive propertywithnameattribute providesfrominitialize resourceforcingcompiletime resourcenamefrominitialize respondtocompiletime respondtoinmetadata respondtoprovides respondtoresourcename setorreturninresources sevenziparchiveresource shellouthelper shellouttochocolatey simplifyaptppasetup sysctlparamresource unnecessarydependschef14 unnecessarydependschef15 unnecessarymixlibshelloutrequire usebuildessentialresource usecheflanguagecloudhelpers usecheflanguageenvhelpers usecheflanguagesystemdhelper usemultipackageinstalls userequirerelative useszypperrepo whyrunsupportedtrue windowsregistryuac windowsscresource windowszipfileusage zipfileresource chef redundantcode aptrepositorydistributiondefault aptrepositorynotifiesaptupdate attributemetadata conflictsmetadata customresourcewithallowedactions doublecompiletime groupingmetadata longdescriptionmetadata multipleplatformchecks namepropertyisrequired ohaiattributetostring propertysplatregex propertywithrequiredanddefault providesmetadata recipemetadata replacesmetadata resourcewithnothingaction sensitivepropertyinresource stringpropertywithnildefault suggestsmetadata unnecessarydesiredstate unnecessarynameproperty usecreateifmissing chef ruby gemspeclicense gemspecrequirerubygems legacypowershelloutmethods requirenethttps unlessdefinedrequire chef security sshprivatekey chef sharing defaultmetadatamaintainer emptymetadatafield includepropertydescriptions includeresourcedescriptions includeresourceexamples insecurecookbookurl invalidlicensestring chef style attributekeys chefwhaaat commentformat commentsentencespacing copyrightcommentformat defaultcopyrightcomments filemode immediatenotificationtiming includerecipewithparentheses negatingonlyif overlycomplexsupportsdependsmetadata simplifyplatformmajorversioncheck trueclassfalseclassresourceproperties unnecessaryoscheck unnecessaryplatformcasestatement useplatformhelpers inspec deprecations attributedefault attributehelper effortless pattern effortless overview quick start effortless audit effortless config variables and config what is scaffolding supermarket about supermarket share cookbooks private supermarket about private supermarket install configure backup and restore monitor log files upgrades reference supermarket ctl supermarket api release notes chef 360 platform chef automate chef backend chef download apis chef habitat chef infra client chef infra server chef inspec chef local license service chef manage chef migrate chef supermarket chef workstation chef compliance chef compliance audit profiles chef compliance remediation chef cloud resource packs aws cloud resources azure cloud resources legacy chef manage about the management console uninstall manage rb chef manage ctl active directory ldap configure saml clients cookbooks data bags environments nodes roles organizations groups users uninstall available on github downloads send feedback support chef server rb optional settings table of contents the etc opscode chef server rb file contains all of the non default configuration settings used by the chef infra server the default settings are built into the chef infra server configuration and should only be added to the chef server rb file to apply non default values these configuration settings are processed when the chef server ctl reconfigure command is run the chef server rb file is a ruby file which means that conditional statements can be used within it settings the following sections describe the various settings that are available in the chef server rb file note when changes are made to the chef server rb file the chef infra server must be reconfigured by running the following command chef server ctl reconfigure general this configuration file has the following general settings addons install default value false addons path default value nil addons packages default value w chef manage api_version the version of the chef infra server default value 12 0 0 default_orgname the org_name part of the organizations endpoint in chef infra server flavor default value cs setting new in chef infra server 14 fips set to true to run the server in fips compliance mode set to false to force the server to run without fips compliance mode default value the value in the kernel configuration note chef infra server versions earlier than 14 5 configured with nginx enable_non_ssl false and fips true require export csc_lb_url https 127 0 0 1 to run the command chef server ctl reindex options insecure_addon_compat set to true to keep chef infra server compatible with older add on versions by rendering secrets and credentials to etc opscode chef server running json and other files in etc opscode when set to false secrets are only written to etc opscode private chef secrets json and not to any other files default value true see add on compatibility for the minimum add on versions supporting insecure_addon_compat false install_path the directory in which the chef infra server is installed default value opt opscode from_email the email address from which invitations to the chef management console are sent default value opscode donotreply chef io license nodes the number of licensed nodes default value 25 license upgrade_url the url to visit for more information about how to update the number of nodes licensed for an organization default value https www chef io pricing notification_email the email addressed to which email notifications are sent default value pc default chef io role the configuration type of the chef infra server possible values backend frontend or standalone default value standalone topology the topology of the chef infra server possible values manual standalone and tier default value standalone bookshelf the bookshelf service is an amazon simple storage service s3 compatible service that is used to store cookbooks including all of the files recipes templates and so on that are associated with each cookbook note to configure the server for external cookbook storage updates are made to settings for both the bookshelf and opscode erchef services this configuration file has the following settings for bookshelf bookshelf access_key_id deprecated use chef server ctl set secret bookshelf access_key_id from the secrets management commands the access key identifier this may point at an external storage location such as amazon ec2 see aws external bookshelf settings for more information on configuring external bookshelf default value generated bookshelf data_dir the directory in which on disk data is stored the default value is the recommended value default value var opt opscode bookshelf data bookshelf dir the working directory the default value is the recommended value default value var opt opscode bookshelf bookshelf enable enable a service default value true bookshelf enable_request_logging use to configure request logging for the bookshelf service default value false bookshelf external_url the base url to which the service is to return links to api resources use host_header to ensure the url is derived from the host header of the incoming http request default value host_header bookshelf listen the ip address on which the service is to listen default value 127 0 0 1 bookshelf log_directory the directory in which log data is stored the default value is the recommended value default value var log opscode bookshelf bookshelf log_rotation the log rotation policy for this service log files are rotated when they exceed file_maxbytes the maximum number of log files in the rotation is defined by num_to_keep default value file_maxbytes 104857600 num_to_keep 10 bookshelf port the port on which the service is to listen default value 4321 bookshelf secret_access_key deprecated use chef server ctl set secret bookshelf secret_access_key from the secrets management commands the secret key this may point at an external storage location such as amazon ec2 see aws external bookshelf settings for more information on configuring external bookshelf default value generated bookshelf storage_type determines where cookbooks are stored default value filesystem in instances that require cookbooks to be stored within a sql backend such as in a high availability setup you must set storage_type to sql bookshelf storage_type sql bookshelf stream_download enable stream downloading of cookbooks this setting when true typically results in improved cookbook download performance especially with the memory usage of the bookshelf service and the behavior of load balancers and proxies in between chef infra client and the chef infra server default value true bookshelf sql_connection_user the postgresql user name in username hostname format e g bookshelf my_postgresql postgres database azure com where username would normally equal the value of bookshelf sql_user default bookshelf this setting is required in an external azure postgresql database as a service configuration if set to nil chef infra server assumes that the database is not on azure and the postgresql connection will be made using the value specified in bookshelf sql_user default value nil bookshelf vip the virtual ip address this may point at an external storage location such as amazon ec2 see aws external bookshelf settings for more information on configuring external bookshelf default value 127 0 0 1 bootstrap this configuration file has the following settings for bootstrap bootstrap enable indicates whether an attempt to bootstrap the chef infra server is made generally only enabled on systems that have bootstrap enabled via a server entry default value true compliance forwarding the configuration file has the following settings for forwarding compliance requests using the chef infra server authentication system profiles root_url if set any properly signed requests arriving at organizations orgname owners owner compliance will be forwarded to this url this is expected to be a fully qualified resource e g http compliance example org owners owner compliance dark_launch this configuration file has the following settings for dark_launch dark_launch actions enable chef actions default value true dark_launch add_type_and_bag_to_items default value true dark_launch new_theme default value true dark_launch private chef default value true dark_launch quick_start default value false dark_launch reporting enable reporting which performs data collection during a chef infra client run default value true dark_launch sql_users default value true data_collector this configuration file has the following settings for data_collector data_collector root_url the fully qualified url to the data collector server api when present it will enable the data collector in opscode erchef this also enables chef infra server authenticated forwarding any properly signed requests arriving at organizations orgname data collector to this url with the data collector token appended this is also target for requests authenticated and forwarded by the organizations orgname data collector endpoint for the forwarding to work correctly the data_collector token field must also be set for example if the data collector in chef automate is being used the uri would look like http my_automate_server example org data collector v0 data_collector proxy if set to true chef infra server will proxy all requests sent to data collector to the configured chef automate data_collector root_url note that this route does not check the request signature and add the right data_collector token but just proxies the chef automate endpoint as is default value nil data_collector token deprecated use chef server ctl set secret data_collector token from the secrets management commands legacy configuration for shared data collector security token when configured the token will be passed as an http header named x data collector token which the server can choose to accept or reject data_collector timeout the amount of time in milliseconds before a request to the data collector api times out default value 30000 data_collector http_init_count the initial worker count for the http connection pool that is used by the data collector default value 25 data_collector http_max_count the maximum worker count for the http connection pool that is used by the data collector default value 100 data_collector http_max_age the maximum connection worker age in seconds for the http connection pool that is used by the data collector default value 70 sec data_collector http_cull_interval the maximum cull interval in minutes for the http connection pool that is used by the data collector default value 1 min data_collector http_max_connection_duration the maximum connectio...
|