Server Configuration
All parameters listed here correspond to settings in tb-edge.yml (or tb-edge.conf on Linux). Set them as environment variables in /etc/tb-edge/conf/tb-edge.conf (Linux) or as container environment variables (Docker / Kubernetes). For instructions on applying changes, see How to change configuration.
Server common parameters
Section titled “Server common parameters”| Parameter | Env variable | Default | Description |
|---|---|---|---|
server.address | HTTP_BIND_ADDRESS | 0.0.0.0 | Server bind-address |
server.port | HTTP_BIND_PORT | 8080 | Server bind port |
server.forward_headers_strategy | HTTP_FORWARD_HEADERS_STRATEGY | framework | Server forward headers strategy. Required for SWAGGER UI when reverse proxy is used |
server.ssl.enabled | SSL_ENABLED | false | Enable/disable SSL support |
server.ssl.credentials.type | SSL_CREDENTIALS_TYPE | PEM | Server credentials type (PEM - pem certificate file; KEYSTORE - java keystore) |
server.ssl.credentials.pem.cert_file | SSL_PEM_CERT | server.pem | Path to the server certificate file (holds server certificate or certificate chain, may include server private key) |
server.ssl.credentials.pem.key_file | SSL_PEM_KEY | server_key.pem | Path to the server certificate private key file (optional). Required if the private key is not present in the server certificate file |
server.ssl.credentials.pem.key_password | SSL_PEM_KEY_PASSWORD | server_key_password | Server certificate private key password (optional) |
server.ssl.credentials.keystore.type | SSL_KEY_STORE_TYPE | PKCS12 | Type of the key store (JKS or PKCS12) |
server.ssl.credentials.keystore.store_file | SSL_KEY_STORE | classpath:keystore/keystore.p12 | Path to the key store that holds the SSL certificate |
server.ssl.credentials.keystore.store_password | SSL_KEY_STORE_PASSWORD | thingsboard | Password used to access the key store |
server.ssl.credentials.keystore.key_alias | SSL_KEY_ALIAS | tomcat | Key alias |
server.ssl.credentials.keystore.key_password | SSL_KEY_PASSWORD | thingsboard | Password used to access the key |
server.http.max_payload_size | HTTP_MAX_PAYLOAD_SIZE_LIMIT_CONFIGURATION | /api/image*/**=52428800;/api/resource/**=52428800;/api/**=16777216 | Semi-colon-separated list of urlPattern=maxPayloadSize pairs that define max http request size for specified url pattern. After first match all other will be skipped |
server.http2.enabled | HTTP2_ENABLED | true | Enable/disable HTTP/2 support |
server.log_controller_error_stack_trace | HTTP_LOG_CONTROLLER_ERROR_STACK_TRACE | false | Log errors with stacktrace when REST API throws an exception with the message “Please contact sysadmin” |
server.ws.send_timeout | TB_SERVER_WS_SEND_TIMEOUT | 5000 | Timeout for sending data to client WebSocket session in milliseconds |
server.ws.ping_timeout | TB_SERVER_WS_PING_TIMEOUT | 30000 | recommended timeout >= 30 seconds. The platform will attempt to send a ‘ping’ request 3 times within the timeout |
server.ws.dynamic_page_link.refresh_interval | TB_SERVER_WS_DYNAMIC_PAGE_LINK_REFRESH_INTERVAL_SEC | 60 | Refresh rate of the dynamic alarm end entity data queries |
server.ws.dynamic_page_link.refresh_pool_size | TB_SERVER_WS_DYNAMIC_PAGE_LINK_REFRESH_POOL_SIZE | 1 | Thread pool size to execute dynamic queries |
server.ws.dynamic_page_link.max_alarm_queries_per_refresh_interval | TB_SERVER_WS_MAX_ALARM_QUERIES_PER_REFRESH_INTERVAL | 10 | Maximum number of dynamic queries per refresh interval. For example, no more than 10 alarm queries are executed by the user simultaneously in all browsers. |
server.ws.dynamic_page_link.max_per_user | TB_SERVER_WS_DYNAMIC_PAGE_LINK_MAX_PER_USER | 10 | Maximum number of dynamic queries per user. For example, no more than 10 alarm widgets opened by the user simultaneously in all browsers |
server.ws.max_entities_per_data_subscription | TB_SERVER_WS_MAX_ENTITIES_PER_DATA_SUBSCRIPTION | 10000 | Maximum number of entities returned for single entity subscription. For example, no more than 10,000 entities on the map widget |
server.ws.max_entities_per_alarm_subscription | TB_SERVER_WS_MAX_ENTITIES_PER_ALARM_SUBSCRIPTION | 10000 | Maximum number of alarms returned for single alarm subscription. For example, no more than 10,000 alarms on the alarm widget |
server.ws.max_queue_messages_per_session | TB_SERVER_WS_DEFAULT_QUEUE_MESSAGES_PER_SESSION | 1000 | Maximum queue size of the websocket updates per session. This restriction prevents infinite updates of WS |
server.ws.auth_timeout_ms | TB_SERVER_WS_AUTH_TIMEOUT_MS | 10000 | Maximum time between WS session opening and sending auth command |
server.ws.rate_limits.subscriptions_per_tenant | TB_SERVER_WS_SUBSCRIPTIONS_PER_TENANT_RATE_LIMIT | _(empty)_ | Per-tenant rate limit for WS subscriptions |
server.ws.rate_limits.subscriptions_per_user | TB_SERVER_WS_SUBSCRIPTIONS_PER_USER_RATE_LIMIT | _(empty)_ | Per-user rate limit for WS subscriptions |
server.rest.server_side_rpc.min_timeout | MIN_SERVER_SIDE_RPC_TIMEOUT | 5000 | Minimum value of the server-side RPC timeout. May override value provided in the REST API call. Since 2.5 migration to queues, the RPC delay depends on the size of the pending messages in the queue. So default UI parameter of 500ms may not be sufficient for loaded environments. |
server.rest.server_side_rpc.default_timeout | DEFAULT_SERVER_SIDE_RPC_TIMEOUT | 10000 | Default value of the server-side RPC timeout. |
server.rest.rate_limits.reset_password_per_user | RESET_PASSWORD_PER_USER_RATE_LIMIT_CONFIGURATION | 5:3600 | Limit that prohibits resetting the password for the user too often. The value of the rate limit. By default, no more than 5 requests per hour |
Application info parameters
Section titled “Application info parameters”| Parameter | Env variable | Default | Description |
|---|---|---|---|
app.version | _(none)_ | "@project.version@" | Application version |
Zookeeper connection parameters
Section titled “Zookeeper connection parameters”| Parameter | Env variable | Default | Description |
|---|---|---|---|
zk.enabled | ZOOKEEPER_ENABLED | false | Enable/disable zookeeper discovery service. |
zk.url | ZOOKEEPER_URL | localhost:2181 | Zookeeper connect string |
zk.retry_interval_ms | ZOOKEEPER_RETRY_INTERVAL_MS | 3000 | Zookeeper retry interval in milliseconds |
zk.connection_timeout_ms | ZOOKEEPER_CONNECTION_TIMEOUT_MS | 3000 | Zookeeper connection timeout in milliseconds |
zk.session_timeout_ms | ZOOKEEPER_SESSION_TIMEOUT_MS | 3000 | Zookeeper session timeout in milliseconds |
zk.zk_dir | ZOOKEEPER_NODES_DIR | /thingsboard | Name of the directory in zookeeper ‘filesystem’ |
zk.recalculate_delay | ZOOKEEPER_RECALCULATE_DELAY_MS | 0 | The recalculate_delay property is recommended in a microservices architecture setup for rule-engine services. This property provides a pause to ensure that when a rule-engine service is restarted, other nodes don’t immediately attempt to recalculate their partitions. The delay is recommended because the initialization of rule chain actors is time-consuming. Avoiding unnecessary recalculations during a restart can enhance system performance and stability. |
Cluster parameters
Section titled “Cluster parameters”| Parameter | Env variable | Default | Description |
|---|---|---|---|
cluster.stats.enabled | TB_CLUSTER_STATS_ENABLED | false | Enable/Disable the cluster statistics. Calculates the number of messages sent between cluster nodes based on each type |
cluster.stats.print_interval_ms | TB_CLUSTER_STATS_PRINT_INTERVAL_MS | 10000 | Interval of printing the cluster stats to the log file |
Plugins configuration parameters
Section titled “Plugins configuration parameters”| Parameter | Env variable | Default | Description |
|---|---|---|---|
plugins.scan_packages | PLUGINS_SCAN_PACKAGES | org.thingsboard.server.extensions,org.thingsboard.rule.engine | Comma-separated package list used during classpath scanning for plugins |
Spring CORS configuration parameters
Section titled “Spring CORS configuration parameters”| Parameter | Env variable | Default | Description |
|---|---|---|---|
spring.mvc.cors.mappings."[/api/**]".allowed-origin-patterns | _(none)_ | "*" | Comma-separated list of origins to allow. ’*’ allows all origins. When not set, CORS support is disabled. |
spring.mvc.cors.mappings."[/api/**]".allowed-methods | _(none)_ | "*" | Comma-separated list of methods to allow. ’*’ allows all methods. |
spring.mvc.cors.mappings."[/api/**]".allowed-headers | _(none)_ | "*" | Comma-separated list of headers to allow in a request. ’*’ allows all headers. |
spring.mvc.cors.mappings."[/api/**]".max-age | _(none)_ | "1800" | How long, in seconds, the response from a pre-flight request can be cached by clients. |
spring.mvc.cors.mappings."[/api/**]".allow-credentials | _(none)_ | "true" | Set whether credentials are supported. When not set, credentials are not supported. |
General spring parameters
Section titled “General spring parameters”| Parameter | Env variable | Default | Description |
|---|---|---|---|
spring.main.allow-circular-references | _(none)_ | "true" | Spring Boot configuration property that controls whether circular dependencies between beans are allowed. |
spring.freemarker.checkTemplateLocation | _(none)_ | "false" | spring freemarker configuration |
spring.mvc.async.request-timeout | SPRING_MVC_ASYNC_REQUEST_TIMEOUT | 30000 | The default timeout for asynchronous requests in milliseconds |
spring.mvc.pathmatch.matching-strategy | _(none)_ | "ANT_PATH_MATCHER" | For endpoints matching in Swagger |
spring.resources.chain.compressed | _(none)_ | "true" | This property enables or disables support for serving pre-compressed resources (for example, a .gzip or .br file) |
spring.resources.chain.strategy.content.enabled | _(none)_ | "true" | This property enables or disables the content Version Strategy. This strategy allows Spring to generate a unique version for static resources, which is based on the content of the resource |
spring.servlet.multipart.max-file-size | SPRING_SERVLET_MULTIPART_MAX_FILE_SIZE | 50MB | Total file size cannot exceed 50MB when configuring file uploads |
spring.servlet.multipart.max-request-size | SPRING_SERVLET_MULTIPART_MAX_REQUEST_SIZE | 50MB | Total request size for a multipart/form-data cannot exceed 50MB |
spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation | _(none)_ | "true" | Fix Postgres JPA Error (Method org.postgresql.jdbc.PgConnection.createClob() is not yet implemented) |
spring.jpa.properties.hibernate.order_by.default_null_ordering | SPRING_JPA_PROPERTIES_HIBERNATE_ORDER_BY_DEFAULT_NULL_ORDERING | last | Note: as for current Spring JPA version, custom NullHandling for the Sort.Order is ignored and this parameter is used |
spring.jpa.properties.hibernate.dialect | SPRING_JPA_DIALECT | org.thingsboard.server.dao.ThingsboardPostgreSQLDialect | we use custom dialect that contains ilike(arg1, arg2) function (is interpreted to postgres ILIKE operator) |
Spring doc common parameters
Section titled “Spring doc common parameters”| Parameter | Env variable | Default | Description |
|---|---|---|---|
springdoc.api-docs.enabled | SWAGGER_ENABLED | true | If false swagger API docs will be unavailable |
springdoc.default-produces-media-type | SWAGGER_DEFAULT_PRODUCES_MEDIA_TYPE | application/json | Swagger default produces media-type |
Swagger common parameters
Section titled “Swagger common parameters”| Parameter | Env variable | Default | Description |
|---|---|---|---|
swagger.api_path | SWAGGER_API_PATH | /api/** | General swagger match pattern of swagger UI links |
swagger.security_path_regex | SWAGGER_SECURITY_PATH_REGEX | /api/.* | General swagger match pattern path of swagger UI links |
swagger.non_security_path_regex | SWAGGER_NON_SECURITY_PATH_REGEX | /api/(?:noauth|v1)/.* | Nonsecurity API path match pattern of swagger UI links |
swagger.title | SWAGGER_TITLE | ThingsBoard REST API | The title on the API doc UI page |
swagger.description | SWAGGER_DESCRIPTION | ThingsBoard open-source IoT platform REST API documentation. | The description on the API doc UI page |
swagger.contact.name | SWAGGER_CONTACT_NAME | ThingsBoard team | The contact name on the API doc UI page |
swagger.contact.url | SWAGGER_CONTACT_URL | https://thingsboard.io | The contact URL on the API doc UI page |
swagger.contact.email | SWAGGER_CONTACT_EMAIL | [email protected] | The contact email on the API doc UI page |
swagger.license.title | SWAGGER_LICENSE_TITLE | Apache License Version 2.0 | The license title on the API doc UI page |
swagger.license.url | SWAGGER_LICENSE_URL | https://github.com/thingsboard/thingsboard/blob/master/LICENSE | Link to the license body on the API doc UI page |
swagger.version | SWAGGER_VERSION | _(empty)_ | The version of the API doc to display. Default to the package version. |
swagger.group_name | SWAGGER_GROUP_NAME | thingsboard | The group name (definition) on the API doc UI page. |
Metrics parameters
Section titled “Metrics parameters”| Parameter | Env variable | Default | Description |
|---|---|---|---|
metrics.enabled | METRICS_ENABLED | false | Enable/disable actuator metrics. |
metrics.timer.percentiles | METRICS_TIMER_PERCENTILES | 0.5 | Metrics percentiles returned by actuator for timer metrics. List of double values (divided by ,). |
metrics.system_info.persist_frequency | METRICS_SYSTEM_INFO_PERSIST_FREQUENCY_SECONDS | 60 | Persist frequency of system info (CPU, memory usage, etc.) in seconds |
metrics.system_info.ttl | METRICS_SYSTEM_INFO_TTL_DAYS | 7 | TTL in days for system info timeseries |
General management parameters
Section titled “General management parameters”| Parameter | Env variable | Default | Description |
|---|---|---|---|
management.endpoints.web.exposure.include | _(none)_ | '${METRICS_ENDPOINTS_EXPOSE:info}' | Expose metrics endpoint (use value ‘prometheus’ to enable prometheus metrics). |
management.health.elasticsearch.enabled | _(none)_ | "false" | Enable the org.springframework.boot.actuate.elasticsearch.ElasticsearchRestClientHealthIndicator.doHealthCheck |