[#1898] Add missing config options
The "startEmpty" config option has been added to the example registry's
admin guide.

Fixes #1898

Signed-off-by: Kai Hudalla <[email protected]>
sophokles73 committed Apr 14, 2020
1 parent 523c458 commit 52e6742
Showing 1 changed file with 4 additions and 2 deletions.
Expand Up @@ -25,15 +25,15 @@ The following table provides an overview of the configuration variables and corr

| Environment Variable<br>Command Line Option | Mandatory | Default | Description |
| :------------------------------------------ | :-------: | :------ | :-----------------------------------------------------------------------|
| `HONO_APP_MAX_INSTANCES`<br>`--hono.app.maxInstances` | no | *#CPU cores* | The number of verticle instances to deploy. If not set, one verticle per processor core is deployed. |
| `HONO_APP_TYPE`<br>`--hono.app.type` | no | `file` | The device registry implementation to use. This may be either `file` or `dummy`. In the case of `dummy` a dummy implementation will be used which will consider all devices queried for as valid devices, having the access credentials `hono-secret`. Of course this shouldn't be used for productive use. |
| `HONO_CREDENTIALS_SVC_CACHE_MAX_AGE`<br>`--hono.credentials.svc.cacheMaxAge` | no | `180` | The maximum period of time (seconds) that information returned by the service's operations may be cached for. |
| `HONO_CREDENTIALS_SVC_FILENAME`<br>`--hono.credentials.svc.filename` | no | `/var/lib/hono/device-registry/`<br>`credentials.json` | The path to the file where the server stores credentials of devices. Hono tries to read credentials from this file during start-up and writes out all identities to this file periodically if property `HONO_CREDENTIALS_SVC_SAVE_TO_FILE` is set to `true`.<br>Please refer to [Credentials File Format]({{< relref "#credentials-file-format" >}}) for details regarding the file's format. |
| `HONO_CREDENTIALS_SVC_HASH_ALGORITHMS_WHITELIST`<br>`--hono.credentials.svc.hashAlgorithmsWhitelist` | no | `empty` | An array of supported hashing algorithms to be used with the `hashed-password` type of credentials. When not set, all values will be accepted. |
| `HONO_CREDENTIALS_SVC_MAX_BCRYPT_ITERATIONS`<br>`--hono.credentials.svc.maxBcryptIterations` | no | `10` | The maximum number of iterations that are supported in password hashes using the BCrypt hash function. This limit is enforced by the device registry when adding or updating corresponding credentials. Increasing this number allows for potentially more secure password hashes to be used. However, the time required to compute the hash increases exponentially with the number of iterations. |
| `HONO_CREDENTIALS_SVC_MODIFICATION_ENABLED`<br>`--hono.credentials.svc.modificationEnabled` | no | `true` | When set to `false` the credentials contained in the registry cannot be updated nor removed. |
| `HONO_CREDENTIALS_SVC_RECEIVER_LINK_CREDIT`<br>`--hono.credentials.svc.receiverLinkCredit` | no | `100` | The number of credits to flow to a client connecting to the Credentials endpoint. |
| `HONO_CREDENTIALS_SVC_SAVE_TO_FILE`<br>`--hono.credentials.svc.saveToFile` | no | `false` | When set to `true` the server will periodically write out the registered credentials to the file specified by the `HONO_CREDENTIALS_SVC_FILENAME` property. |
| `HONO_CREDENTIALS_SVC_HASH_ALGORITHMS_WHITELIST`<br>`--hono.credentials.svc.hashAlgorithmsWhitelist` | no | `empty` | An array containing a whitelist of the authorised values for the hashing algorithms of the `hashed-password` type of credentials. When not set, all values will be accepted. |
| `HONO_CREDENTIALS_SVC_STARTEMPTY`<br>`--hono.credentials.svc.startEmpty` | no | `false` | When set to `true` the server will not try to load credentials from the file specified by the `HONO_CREDENTIALS_SVC_FILENAME` property during startup. |
| `HONO_DEVICE_CONNECTION_SVC_MAX_DEVICES_PER_TENANT`<br>`--hono.deviceConnection.svc.maxDevicesPerTenant` | no | `100` | The number of devices per tenant for which connection related data is stored. It is an error to set this property to a value <= 0. |
| `HONO_REGISTRY_AMQP_BIND_ADDRESS`<br>`--hono.registry.amqp.bindAddress` | no | `127.0.0.1` | The IP address of the network interface that the secure AMQP port should be bound to.<br>See [Port Configuration]({{< relref "#port-configuration" >}}) below for details. |
| `HONO_REGISTRY_AMQP_CERT_PATH`<br>`--hono.registry.amqp.certPath` | no | - | The absolute path to the PEM file containing the certificate that the server should use for authenticating to clients. This option must be used in conjunction with `HONO_REGISTRY_AMQP_KEY_PATH`.<br>Alternatively, the `HONO_REGISTRY_AMQP_KEY_STORE_PATH` option can be used to configure a key store containing both the key as well as the certificate. |
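
Review bot: The `HONO_CREDENTIALS_SVC_FILENAME` row still states without qualification that Hono tries to read credentials from this file during start-up, which the `HONO_CREDENTIALS_SVC_STARTEMPTY` row in the same table now contradicts; suggest qualifying the FILENAME description with "unless `HONO_CREDENTIALS_SVC_STARTEMPTY` is set to `true`". The `startEmpty` row should also say what happens when it is `true` while `HONO_CREDENTIALS_SVC_SAVE_TO_FILE` is `true`, because as the two rows are written the periodic write would appear to replace an existing credentials file with the empty in-memory state. The `HONO_CREDENTIALS_SVC_HASH_ALGORITHMS_WHITELIST` row appears twice in this region with two different descriptions; please confirm that only one copy remains in the resulting file.
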
Expand Down Expand Up @@ -64,11 +64,13 @@ The following table provides an overview of the configuration variables and corr
| `HONO_REGISTRY_SVC_SIGNING_KEY_PATH`<br>`--hono.registry.svc.signing.keyPath` | no | - | The absolute path to the (PKCS8) PEM file containing the private key that the server should use for signing tokens asserting a device's registration status. When using this variable, other services that need to validate the tokens issued by this service need to be configured with the corresponding certificate/public key. Alternatively, a symmetric key can be used for signing (and validating) by setting the `HONO_REGISTRY_SVC_SIGNING_SHARED_SECRET` variable. If none of these variables is set, the server falls back to the key indicated by the `HONO_REGISTRY_AMP_KEY_PATH` variable. If that variable is also not set, startup of the server fails. |
| `HONO_REGISTRY_SVC_SIGNING_SHARED_SECRET`<br>`--hono.registry.svc.signing.sharedSecret` | no | - | A string to derive a symmetric key from that is used for signing tokens asserting a device's registration status. The key is derived from the string by using the bytes of the String's UTF8 encoding. When setting the signing key using this variable, other services that need to validate the tokens issued by this service need to be configured with the same key. Alternatively, an asymmetric key pair can be used for signing (and validating) by setting the `HONO_REGISTRY_SVC_SIGNING_KEY_PATH` variable. If none of these variables is set, startup of the server fails. |
| `HONO_REGISTRY_SVC_SIGNING_TOKEN_EXPIRATION`<br>`--hono.registry.svc.signing.tokenExpiration` | no | `10` | The expiration period to use for the tokens asserting the registration status of devices. |
| `HONO_REGISTRY_SVC_STARTEMPTY`<br>`--hono.registry.svc.startEmpty` | no | `false` | When set to `true` the server will not try to load device identities from the file specified by the `HONO_REGISTRY_SVC_FILENAME` property during startup. |
| `HONO_TENANT_SVC_CACHE_MAX_AGE`<br>`--hono.tenant.svc.cacheMaxAge` | no | `180` | The maximum period of time (seconds) that information returned by the service's operations may be cached for. |
| `HONO_TENANT_SVC_FILENAME`<br>`--hono.tenant.svc.filename` | no | `/var/lib/hono/device-registry/`<br>`tenants.json` | The path to the file where the server stores tenants. Hono tries to read tenants from this file during start-up and writes out all identities to this file periodically if property `HONO_TENANT_SVC_SAVE_TO_FILE` is set to `true`.<br>Please refer to [Tenants File Format]({{< relref "#tenants-file-format" >}}) for details regarding the file's format. |
| `HONO_TENANT_SVC_MODIFICATION_ENABLED`<br>`--hono.tenant.svc.modificationEnabled` | no | `true` | When set to `false` the tenants contained in the registry cannot be updated nor removed. |
| `HONO_TENANT_SVC_RECEIVER_LINK_CREDIT`<br>`--hono.tenant.svc.receiverLinkCredit` | no | `100` | The number of credits to flow to a client connecting to the Tenant endpoint. |
| `HONO_TENANT_SVC_SAVE_TO_FILE`<br>`--hono.tenant.svc.saveToFile` | no | `false` | When set to `true` the server will periodically write out the registered tenants to the file specified by the `HONO_TENANTS_SVC_TENANT_FILENAME` property. |
| `HONO_TENANT_SVC_STARTEMPTY`<br>`--hono.tenant.svc.startEmpty` | no | `false` | When set to `true` the server will not try to load tenants from the file specified by the `HONO_TENANT_SVC_FILENAME` property during startup. |

The variables only need to be set if the default value does not match your environment.
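
Review bot: The `HONO_TENANT_SVC_STARTEMPTY` row refers to `HONO_TENANT_SVC_FILENAME`, but the `HONO_TENANT_SVC_SAVE_TO_FILE` row directly above it points to `HONO_TENANTS_SVC_TENANT_FILENAME`, a name that no row shown here defines; since this change touches the neighbouring line, align that reference with `HONO_TENANT_SVC_FILENAME`. In the same hunk the `HONO_REGISTRY_SVC_SIGNING_KEY_PATH` description falls back to `HONO_REGISTRY_AMP_KEY_PATH`, which looks like a typo for the `HONO_REGISTRY_AMQP_KEY_PATH` variable named in the `HONO_REGISTRY_AMQP_CERT_PATH` row, and a reader following it would look for a signing key setting that is not documented. The `HONO_REGISTRY_SVC_SIGNING_TOKEN_EXPIRATION` row gives a default of `10` without a unit, unlike the `cacheMaxAge` rows, which state seconds.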
