Command Center Console Parameters
The Command Center Console configuration file is on the Command Center host at $GPCC_HOME/conf/app.conf
. Some parameters in this file are set by the Command Center installer.
You can add security settings in app.conf
to suit your environment. See Security Parameters.
After editing this file, reload the configuration by restarting the Command Center Console.
$ gpcc --start
appname = gpccws
httpport = <port>
EnableHTTP
is true. The default is 28080.httpsport = <port>
EnableHTTPS
is true. The default is 28080.rpcport = <port>
listentcp4 = [true | false]
true
, the address type is tcp4. The default is true
. runmode = [prod | dev | test]
dev
, prod
or test
. The default, prod
, is the recommended setting. In dev
and test
modes Command Center prints more verbose log messages. These are different logs than the logs affected by the log_level
parameter.session = [true | false]
true
. Sessions are stored in memory.enablexsrf = [true | false]
xsrfkey = <token_string>
xsrfexpire = <seconds>
2592000
seconds.rendertype = json
printallsqls = [true | false]
false
.log_level
Debug
, Info
, or Error
. The default is Info
. The values are not case-sensitive.master_host = <hostname>
localhost
.master_port = <port>
5432
.path = /usr/local
display_name = <display_name>
enable_kerberos = [true | false]
false
.enable_history = [true | false]
true
. This parameter is managed in Command Center by setting Enable GPCC history data collection on or off on the Admin> Settingsi page.HTTPSCertFile = </path/to/cert.pem>
HTTPSKeyFile = </path/to/cert.pem>
EnableHTTPS = [true | false]
EnableHTTPS
or EnableHTTP
can be true. EnableHTTP = [true | false]
EnableHTTP
or EnableHTTPS
can be true. HTTPAddr = <ipaddress>
stats_check_interval = <seconds>
300
. New tables and changed values such as file size and last access time may not be seen until stats_check_interval
seconds have elapsed. ws_perf_port = <port>
6162
. Choose another port if there is a port conflict or if you are setting up another Command Center instance on the same host.agent_perf_port = <port>
6163
. Choose another port if there is a port conflict on segment hosts, or if you are setting up another Command Center instance on the same cluster.Setting Security Parameters
You may customize the following security headers:
"Cache-Control", // See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control
"Content-Security-Policy", // See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
"Permissions-Policy", // See https://www.w3.org/TR/permissions-policy-1/
"Referrer-Policy", // See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
"Strict-Transport-Security", // See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
"X-Content-Type-Options", // See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
"X-Frame-Options", // See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
"X-XSS-Protection", // See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
The following headers are configured by default and are set to these values:
"Cache-Control": "no-store",
"Referrer-Policy": "same-origin",
"Strict-Transport-Security": "max-age=31536000",
"X-Content-Type-Options": "nosniff",
"X-Frame-Options": "DENY",
"X-XSS-Protection": "1; mode=block",
Where:
"Cache-Control": "no-store"
indicates that the response may not be stored in any cache."Referrer-Policy": "same-origin"
indicates a referrer will be sent for same-site origins, but cross-origin requests will send no referrer information."Strict-Transport-Security": "max-age=31536000"
indicates the time, in seconds, that the browser should remember that a site is only to be accessed using HTTPS."X-Content-Type-Options": "nosniff"
blocks or allows requests depending on type."X-Frame-Options": "DENY"
indicates that the page cannot be displayed in a frame, regardless of the site attempting to do so."X-XSS-Protection": "1; mode=block"
enables XSS filtering and the browser will block page rendering if it detects an attack.
To customize any of these headers, enter your values in the app.conf
file and restart Command Center. For example, to customize Content-Security-Policy
, Permissions-Policy
, and X-Frame-Options
use a app.conf
entry similar to:
[security_headers]
Content-Security-Policy = default-src 'self' http://example.com;
Permissions-Policy = fullscreen=(), geolocation=()
X-Frame-Options = DENY