Configuration & Provisioning

create the configuration file a configuration file can be created using the vendor platform instead of manually using the ui ensures all required fields are correctly configured and helps reduce the risk of errors for a step by step guide docid\ w51otuih9tqm7rbmpqoy create a folder named config next to your floating server binary inside this folder, create a file named default yaml config/default yaml use the following template use the following template database \# if using sqlite type sqlite path /data/db sqlite \# if using sqlcipher type sqlcipher # < switch from sqlite to sqlcipher path /data/app db password "your password" \# if using postgres type postgres host localhost port 5432 user fsuser password fspassword name fsdb sslmode "disable" # options disable, require, verify ca sslrootcert "/path/to/sslcert/ca crt" # ignore if sslmode "disable" cryptoproviderkey "" # secret used to encrypt db data in oauth mode server port 8080 # port on which the server runs verbose true # level of information given in logs disableuserauth false # disable user authentication requirement, not admin! cloud useoauth false \# if authenticating with api/shared key apikey "" sharedkey "" \# if authenticating with oauth clientid "" clientsecret "" \# cloud server config baseurl "" # default "https //api licensespring com" apiprefix "" # default "/api/v4/" serverpublickey "" # default licensespring prod's public key \# if having airgap licenses, fetch this key from platform airgappublickey "" \# provisioning config usehardwarekey false # choose provisioning method privatekeypath "" # path to generated priv key ignore if using hardware key certificatepath "" # path to cert received from ls ignore if using hardware key comment out or remove the fields for the database type you are not using database configuration the database section defines how the application connects to the underlying database two database types are currently supported sqlite and postgresql sqlite when using sqlite, make sure the database directory specified in the yaml configuration file actually exists for example, if you're using /data/db sqlite as shown in the sample above, ensure that the data directory exists the floating server will not create missing directories automatically the database file can be named anything the server will create it if it doesn't exist if you're using sqlite, provide the file path for the database file type sqlite path /data/db sqlite sqlcipher integration starting from https //docs licensespring com/floating server v2/overview and installation#rbun1 we offer full encryption of the sqlite database to enable it in your config file , set the database type to sqlchiper instead of sqlite before running the server, install sqlcipher on your system (linux or windows) and ensure your app links to it installing sqlcipher linux sudo apt update sudo apt install sqlcipher libsqlcipher dev windows if you’re on win 10 or above, install wsl on windows and run sudo apt get install sqlcipher postgresql update the default yaml file with the following fields host the postgresql server address (usually localhost for local development) port port number (default is 5432 ) user the postgresql username password the password for the specified user name the name of the database to connect to type postgres host the posgres host port the postgres port user the user in db password password name give the db a name setting up postgresql (local) install postgresql (if not installed) create the database and user psql postgres inside the psql prompt sql create database fsdb; create user fsuser with password 'fspassword'; grant all privileges on database fsdb to fsuser; verify the connection psql h localhost u fsuser d fsdbpsql h localhost u fsuser d fsdb you will be prompted to enter the password you set for the database user (e g ,fspassword or the password you chose) this process in macos is shown in the following picture cryptoproviderkey cryptoproviderkey is a secret key you may use to encrypt data before storing it in the database oauth you must set cryptoproviderkey to encrypt data in the database api/shared keys not required; the database uses sharedkey for encryption automatically server configuration port network port the server listens on verbose set true for development logs, false for production disableuserauth only set true for testing; this disables user authentication for license management features cloud configuration api/shared keys fill apikey and sharedkey oauth set useoauth true and provide clientid, clientsecret, and cryptoproviderkey if your baseurl or apiprefix differs from the defaults, specify them in the cloud section you must also provide the server’s public key in the following format serverpublickey | \ begin public key (your public key here) \ end public key provisioning the floating server provisioning ensures that only authorized instances of the server are allowed to run step 1 generate a key pair openssl genrsa out private key 2048 step 2 provision via ls platform open the licensespring platform navigate to enterprise company → licenses → floating servers click provision the floating server choose certificate as the authentication type enter a name and optional expiration date generate a csr (certificate signing request) locally copy the contents of request csr into the ls platform form on the below and click confirm step 3 download and save certificates save the issued certificate (e g , certificate crt) generate the chain certificate from platform as shown below (e g , chain pem) keep your private key accessible step 4 update default yaml cloud usehardwarekey false # choose provisioning method privatekeypath "" # ignore if using hardware key certificatepath "" # ignore if using hardware key