SVC-Runner Configuration Basics

Configuration base directory

In Debian installations as well as Docker installations the configuration base directory is /etc/svc-runner/, i.e. most configuration work shoud be done in /etc/svc-runner/adm.d.override/*.yaml.

In Windows installations the installation directory will contain a etc\ subdirectory, i.e. something like C:\Program files\SVC-Runner\etc\.

Most configuration files support the use of environment variables and docker secrets as values, see below.

Module configuration via `*.yaml`

`adm.d` vs. `adm.d.override`

Configuration of Java modules used resp. orchestrated by SVC-Runner come in the form of *.yaml files.

The Debian packages, also used by the docker images, come with default configuration files inth adm.d subdirectory of the configuration base directory, i.e. in /etc/svc-runner/adm.d/. DO NOT CHANGE THESE, Thank You.

Custom configurations should be put in the adm.d.override subdirectory, i.e. /etc/svc-runner/adm.d/*.yaml.

Overriding happens on the base of Java module PIDs, not filenames. We still recommend to stick to the file names used in default configuration and examples.

Examples beyond the default configuration can be found in /etc/svc-runner/adm.d.examples/.

Using environment variables and Docker secrets in configuration values

String configuration values support both environment variables and docker secrets as configuration values.

The following example based on /etc/svc-runner/adm.d.examples/database_mariadb.yaml specifies a MariaDB database as JDBC datasource, using an environment variable as database user and a docker secret as database password:

---
service.pid: org.clazzes.jdbc.provider

# mariadb datasource example for /etc/svc-runner/adm.d/database.yaml
datasource:
  MYDATASOURCE:
    url: "jdbc:mariadb://myDatabaseServer:3306/MYDATABASE"
    username:
      service.type: secret
      scheme: env
      key: MARIADB_USER
    password:
      service.type: secret
      scheme: prop
      key: MARIADB_PASSWORD

SSH daemon configuration

SVC-Runner contains a SSH daemon running on TCP port 2200.

The host key as well as the list of authorized keys can be configured in the sshd/ sub directory of the configuration base directory, i.e. in /etc/svc-runner/ssh.d/ for Debian and Docker setups.

It is highly recommend to configure all 3 files yourself, at the minor risk of locking out container-internal root user from the SVC-Runner shell.

SSH host key

The file ssh_host_ed25519_key should contain a SSH key of type ED25519, with ssh_host_ed25519_key.pub containg the public part.

The password has to be empty.

To create such a key pair on a linux system call this:

ssh-keygen -t ed25519 -N '' -f ssh_host_ed25519_key

SSH authorized keys

The authorized_keys (in OpenSSH-Server's well-known format) contains a list of public keys the private counterparts of which are allowed to open SSH connections to resp. in the SVC-Runner shell.

TIP

It is recommended to put a custom host key in the known_hosts.ed25519 file too in the usual format, to avoid locking out the root user of an eventual docker container svc-runner resides in.

SSH known hosts in Docker containers

SVC-Runner's Docker images often come with a pregenerated set of ...

authorized_keys including a password-less SSH key of the root user in the image
ssh_host_ed25519_key and ssh_host_ed25519_key.pub
/root/.ssh/known_hosts for container-internal connections on 127.0.0.1

SVC-Runner Configuration Basics ​

Configuration base directory ​

Module configuration via *.yaml ​

adm.d vs. adm.d.override ​

Using environment variables and Docker secrets in configuration values ​

SSH daemon configuration ​

SSH host key ​

SSH authorized keys ​

SSH known hosts in Docker containers ​