You can manage the Roxy-WI settings in the Admin area => Settings section.
TThe settings are applied to the All group, which includes all users by default.
You can specify the following parameters:
- basic settings for SMON;
- basic settings for RabbitMQ;
- basic settings for NGINX;
- settings for the system monitoring;
- general settings such as time zone, the address of the proxy server, TTL for tokens and sessions, etc.;
- settings for storing and managing the logs;
- settings for managing the LDAP access;
- basic settings for HAProxy.
In this section, you can manage the following settings for RabbitMQ:
- rabbitmq_host — the IP address of FQDN of the RabbitMQ server host;
- rabbitmq_port — the port that RabbitMQ listens on;
- rabbitmq_vhost — the virtual host in RabbitMQ;
- rabbitmq_queue — the name of the queue for interaction with Roxy-WI;
- rabbitmq_user — the name of the RabbitMQ server user;
- rabbitmq_password — the password for the RabbitMQ server user.
In this section, you can manage the following settings for NGINX:
- nginx_path_logs — the path for NGINX logs;
- nginx_stats_user — the username allowed to access the NGINX stats page;
- nginx_stats_password — the password for accessing the NGINX stats page;
- nginx_stats_port — the port for the NGINX stats page;
- nginx_stats_page — the URI for the NGINX stats page;
- nginx_dir — the path to the NGINX directory containing configuration files;
- nginx_config_path — the path to the NGINX configuration file;
- nginx_container_name — the name of the Docker container for NGINX (if NGINX is running in a container)
This section contains the settings for system monitoring. Only users with the appropriate permissions (i.e., those of superAdmin) can access it. If you edit the settings here, the changes will affect the All group.
You can specify the following parameters:
- smon_check_interval — the frequency of SMON checks (in minutes);
- checker_check_interval — the frequency of the Checker checks (in minutes);
- port_scan_interval — the frequency of port scanning (in minutes);
- smon_keep_history_range — the retention period for SMON history (in days);
- checker_keep_history_range — the retention period for the Checker history (in days);
- portscanner_keep_history_range — the retention period for the Port Scanner history (in days);
- checker_maxconn_threshold — the maximum connection threshold at which alerts are triggered.
This section contains the settings for the SMON tool. Only users with the appropriate permissions (i.e., those of superAdmin) can access it. If you edit the settings here, the changes will affect the All group.
You can specify the following parameters:
- master_ip — the IP address or hostname used to connect to the SMON master;
- master_port — the port used for connecting to the SMON master;
- agent_port — the port for the SMON agent;
- smon_keep_history_range — the retention period for SMON history (in days);
- smon_ssl_expire_warning_alert — warning alert for SSL certificate expiration (in days);
- smon_ssl_expire_critical_alert — critical alert for SSL certificate expiration (in days).
In this section you can specify the following parameters:
- time_zone — the time zone;
- proxy — the IP address and port of the proxy server;
- session_ttl — TTL for a user session in days (the time period after which the session expires);
- token_ttl — TTL for a token in days (the time period after which the token expires);
- tmp_config_path — the path to the temporary directory (the directory must be owned by the user specified in the SSH settings);
- cert_path — the path to the directory where the SSL certificates are stored (the directory must be owned by the user specified in the SSH settings);
- ssl_local_path — the path to the directory where the SSL certificates are stored locally (the value of this parameter should be specified as a relative path beginning with $HOME_ROXY_WI/app/)
- lists_path — the path to the black and white lists (the value of this parameter should be specified as a relative path beginning with $HOME_ROXY-WI);
- maxmind_key — the license key for downloading GeoLite 2 DB (create it on MaxMind website);
In this section, you can specified the following parameters:
- syslog_server_enable — enable or disable the syslog server for storing HAProxy logs (1 for enable, 0 for disable);
- syslog_server — the IP address of the syslog server;
- log_time_storage — the retention period for activity logs (in days);
- apache_log_path — the path to the Apache logs.
In this section, you can specify the following parameters:
- ldap_enable — enable or disable LDAP (1 for enable, 0 for disable);
- ldap_server — the IP address of the LDAP server;
- ldap_port — the LDAP port (default is 389 or 636);
- ldap_user — LDAP user name (format: [email protected]);
- ldap_password — the password for the user specified in the previous parameter;
- ldap_base — LDAP base domain (example: dc=domain, dc=com);
- ldap_domain — LDAP domain;
- ldap_class_search — the class to which the user belongs (used for user search);
- ldap_user_attribute — the attribute used for searching the user;
- ldap_search_field — the user's email address;
- ldap_type — enable LDAPS (1 for enable, 0 for disable).
In this section, you can specify the following settings:
- haproxy_path_logs — the path for HAProxy logs;
- stats_user — the username permitted to access the HAProxy stats page;
- stats_password — the password for accessing the HAProxy stats page;
- stats_port — the port for the HAProxy stats page;
- stats_page — the URI for the HAProxy stats page;
- haproxy_dir — the path to the HAProxy directory;
- haproxy_config_path — the path to the HAProxy configuration file;
- server_state_file — the path to the HAProxy state file;
- haproxy_sock — the address of the HAProxy state socket;
- haproxy_sock_port — the port for the HAProxy socket;
- haproxy_container_name — the name of the Docker container for HAProxy (if it is running in a container).
In this section, you can manage the following settings for Apache:
- apache_path_error_logs — the path to the Apache error log;
- apache_stats_user — the username permitted to access the Apache stats page;
- apache_stats_password — the password for accessing the Apache stats page;
- apache_stats_port — the port for the Apache stats page;
- apcache_stats_page — the URI for the Apache stats page;
- apache_dir — the path to the Apache directory where configuration files are stored;
- apache_config_path — the path to the Apache configuration file;
- apache_container_name — the name of the Docker container for Apache (if it is running in a container).
Since version 6.1.1, the Roxy-WI configuration file (roxy-wi.cfg) has been relocated to the /etc/roxy-wi folder.
Please note that you can edit this file to modify the behavior of Roxy-WI as needed.