Skip to content

main/config/server.config

Main settings

Property Description Default Example
World * World server FQDN world.synkzone.example.com
Organization * Organization FQDN acme.example.com
AdminEmail * Main administrator email address admin@example.com
TLSPort * External port — if <1024, internal port = TLSPort+38000 443 1337
SynkzoneWebAddress * FQDN of the web interface acme.example.com
SNTPServer * NTP server pool.ntp.org
SNTPServerBackup * Backup NTP server pool.ntp.org
otp.issuer * OTP issuer name shown in authenticator apps Synkzone
EmailTemplates * Path to email templates directory /email-templates
SecondaryServerIdentifier Secondary server identifier
TrustedNodeInstances Comma-separated UUIDs of the API and BFF components uuid1,uuid2

Mailservice

Email is used to send startup notifications and new user credentials.

Property Description Default Example
mailservice * Enable email false
mailservice.bounce ** Bounce email address bounce@example.com
mailservice.domain ** Domain emails are sent from example.com
mailservice.reply ** Reply address in credential emails noreply@example.com
mailservice.sender ** Display name for the "from" field Synkzone
mailservice.smtp.host ** SMTP host FQDN mail.example.com
mailservice.smtp.port ** SMTP port 587
mailservice.smtp.credentials ** Path to credentials file /config/mailservice-credentials.properties
mailservice.startup Recipient for startup confirmation email admin@example.com
mailservice.monitoring Recipient for monitoring notifications monitoring@example.com
mailservice.dkim.selector DKIM selector pointing to public key s1
mailservice.dkim.privatekey.path Path to DKIM private key /config/mailservice-dkim.privatekey

Remote Storage

Property Description Default Example
remote_storage.enabled * Enable remote storage false
remote_storage.bucket ** Bucket name — must be unique per organization; recommended to use the main component UUID
remote_storage.provider ** Storage provider name SafeSpring
remote_storage.endpoint ** Storage endpoint s3.sto2.safedc.net
remote_storage.credentials ** Path to credentials file /config/remote-storage-credentials.properties
remote_storage.self_test_on_start Run a connectivity test on every startup true
remote_storage.etag ETag handling Disabled

BankID

Property Description Default Example
GrandIdAPI ** GrandID API endpoint for BankID https://client.grandid.com/json1.1
GrandIdAPIKey.path ** Path to GrandID API key file /config/grandid-api-key
GrandIdBankIdKey.path ** Path to GrandID BankID key file /config/grandid-bankid-key
PersonalIdentificationTypes ** BankID identification type SWEDISH_MOBILE_BANK_ID

IDP

Property Description Default Example
IDPType ** IDP type GenericOIDC
IDPName ** Display name shown to users Hostname from IDPIssuerURL My IDP
IDPClientId ** OIDC client identifier registered with the IDP
IDPIssuerURL ** OIDC issuer URL — must exactly match the value specified by the IDP https://login.example.com
IDPUserIdClaim ** JWT claim used as external user ID sub oid
AutoCreateIDPUsers ** Automatically create accounts for IDP users false
OAuthClientSecret.path ** Path to OAuth client secret file /config/oauth-client-secret

If the IDP at the specified IDPIssuerURL is OIDC capable and responds to configuration requests at <issuerURL>/.well-known/openid-configuration, all IDP configuration will be completed automatically.

If no well-known configuration exists, the IDP may still work with standard default settings.

The IDP must register <Customer's Synkzone Web URL>/auth and https://synkzone.com/auth as redirect URLs.

Note

  • * Required parameter.
  • ** Required parameter if feature functionality is enabled.