Interface ServerConfig

  • @Immutable
    public interface ServerConfig
    General configuration properties for the server.
    • Method Detail

      • getPort

        int getPort()
        Port to listen on. Server will listen for HTTPS on this port. Defaults to 8080.
      • isGenerateSelfSignedCertificate

        boolean isGenerateSelfSignedCertificate()
        Whether the server should generate a self-signed SSL certificate for the HTTPs port. This should only be enabled for local development.
      • isDisableClientCertificateVerification

        boolean isDisableClientCertificateVerification()
        Whether clients should have SSL certificate verification disabled. This should only be enabled for local development.
      • isDisableServerCertificateVerification

        boolean isDisableServerCertificateVerification()
        Whether backend service SSL certificates should be verified. This should only be enabled for local development.
      • getTlsCertificatePath

        java.lang.String getTlsCertificatePath()
        Path to the file containing the TLS certificate for this server.
      • getTlsPrivateKeyPath

        java.lang.String getTlsPrivateKeyPath()
        Path to the file containing the private key for the TLS certificate for this server.
      • getClientTlsCertificatePath

        java.lang.String getClientTlsCertificatePath()
        Path to the file containing the TLS certificate for client requests. If unset, tlsCertificatePath is used.
      • getClientTlsPrivateKeyPath

        java.lang.String getClientTlsPrivateKeyPath()
        Path to the file containing the private key for client requests. If unset, tlsPrivateKeyPath is used.
      • getCaCertificatePath

        java.lang.String getCaCertificatePath()
        Path to the file containing the certificate of the CA that issues server/client certs in this system.
      • getAdditionalCaCertificatePath

        java.lang.String getAdditionalCaCertificatePath()
        Path to an additional CA certificate, necessary for migrating CAs as two CAs need to be trusted at the same time.
      • getGrpcPath

        java.lang.String getGrpcPath()
        The path to service gRPC APIs on, defaults to /api.
      • isDisableGrpcServiceDiscovery

        boolean isDisableGrpcServiceDiscovery()
        Whether the ProtoReflectionService should be added to the server to enable discovery of bound GrpcServices. The "grpc.reflection.v1alpha.ServerReflection/*" path should be blocked from external traffic when enabling this service. If it is difficult to block the service, this should be disabled instead.
      • isDisableDocService

        boolean isDisableDocService()
        Whether the DocService is disabled in the server. It is recommended to leave it enabled, and this option has mainly been added temporarily as a workaround for
      • getRpcAclsPath

        java.lang.String getRpcAclsPath()
        Path to file containing rpc acl configuration. If empty, features using rpc acl will be disabled, including:
      • isDisableSslAuthorization

        boolean isDisableSslAuthorization()
        Whether authorization using SSL client certificates should be disabled. This should generally only be set to true for services used from browsers.
      • isEnableIapAuthorization

        boolean isEnableIapAuthorization()
        Whether to enable Google Identity-Aware Proxy token verification.
      • getIpFilterRules

        java.util.List<java.lang.String> getIpFilterRules()
        List of IP filtering rules, as IP Addresses with subnet range (e.g., If non-empty, only requests that match these rules will be allowed to access the server.
      • getIpFilterInternalOnly

        boolean getIpFilterInternalOnly()
        Sets whether IP filter rules should only be applied to internal services. If not set, IP filter rules are applied to all requests.
      • getEnableGracefulShutdown

        boolean getEnableGracefulShutdown()
        Sets whether to shutdown gracefully, by first disabling health check and then wait some time for requests to go away before shutting down. This should always be set in non-local deployments.
      • getDisableEdns

        boolean getDisableEdns()
        Whether EDNS should be disabled in clients. This is required when connecting to a server in an environment with a DNS server that doesn't support EDNS.