Configuring the server

Server configuration file

Many Orion server settings are found in the Orion server configuration file. By default Orion looks for this file in the current working directory of the Orion server process in a file called orion.conf. For example you can place this file in the root of your Orion install, then launch Orion from there.

Note: On Mac OS X, if you're launching Orion by double-clicking Orion.app, the working directory is orion.app/Contents/MacOS, so you must put the orion.conf file in that directory. (To drill into orion.app, Ctrl+click it and choose "Show Package Contents".)

If the configuration file is not in the working directory, Orion will check the platform instance location - the location specified by the -data command line argument. By default this is a directory called "serverworkspace". Alternatively, the location of the configuration file can be specified via the system property orion.core.configFile. For example add this line to orion.ini:

-Dorion.core.configFile=/home/fran/orion.conf

The file is a simple text configuration file with key/value pairs delimited by '=' character. Lines starting with '#' are treated as comments and ignored

Note: For those developing Orion, the server configuration file can be specified in your Eclipse launch configuration. The launch configuration file included in the bundle org.eclipse.orion.client.core will automatically use the configuration file web-ide.conf in the same bundle.

Changing the port

By default Orion will run on port 8080. To change the port, edit the file orion.ini, and change the value of the "org.eclipse.equinox.http.jetty.http.port" system property.

Safely running on port 80

Running a server on port 80 usually requires running the application as the root user. For security reasons, running the Orion server as root is not recommended. Instead, you can run a basic Apache server as root, with the following entries in the Apache virtual host configuration file:

RewriteEngine On
ProxyPreserveHost On
RewriteRule ^/(.*) http://localhost:8080/$1 P,L

Also, for the wildcard hosting, this is used as well (in addition to a wildcard DNS entry):

ServerName orion.eclipse.org
ServerAlias *.orion.eclipse.org

Configuring to run over SSL

The Orion server can be configured to run over the secure https protocol. In order to do it you need to generate or obtain a public/private key pair and x509 certificate and set the Orion configuration as described below..

Creating a private/public key pair and a certificate

Use the keytool from Java SDK:

keytool -keystore keystore -alias jetty -genkey -keyalg RSA

You will be prompted for information about the certificate and passwords for protecting the keystore and keys in it. Once it is done a file named keystore is created in the current working directory and you may proceed to Setting the Orion configuration

Getting the certificate from a known authority

The keys and certificate generated in the previous step are sufficient to run Orion over https however will not be trusted by the browser what will end up with a prompt on accessing Orion pages. You may request a well known certificate authority like Thawte, VISA, ValiCert, Verisign etc. to sign your key and certificate.

Setting the Orion configuration

Now set the following properties in the server configuration file:

jetty.https.enabled = true
jetty.https.port = 8443
jetty.ssl.keystore = keystore location
jetty.ssl.password =  password
jetty.ssl.keypassword = password
jetty.ssl.protocol = SSLv3

Configuring paths where users can store files

By default all files created by users are stored in the Orion "server workspace". This is the location specified by the "-data" argument when launching the server. By default this workspace is stored at eclipse/serverworkspace/. To allow users to link files in other locations to their workspace, the orion.file.allowedPaths property can be set in the server configuration file. The property value is a comma-separated list of absolute file system paths. Users will be allowed to link to and edit files in any of those locations. This line in the server configuration file will enable storing of files in /home/orion on the server, or in any sub-directory thereof.

orion.file.allowedPaths=/home/orion

On Windows two backslashes must be used to separate path entries:

orion.file.allowedPaths=C:\\Users\\orion

Configuring project layout

By default, projects are stored in the server workspace in a flat layout at the root of the workspace directory. This layout works well for single-user or small team installs. However in a large installation with hundreds or thousands of users, you may hit limits on the number of entries that can be stored in a directory. The layout can be changed to a hierarchy tree of projects organized by user id with the following property in the server configuration file:

orion.file.layout=userTree

To use the default flat directory structure, you can either omit the property entirely, or specify:

orion.file.layout=flat

Authentication type

To configure the kind of authentication used by the server, set the orion.auth.name property in the server configuration file. For example, the following line will configure the server to use simple form-based authentication:

 orion.auth.name=FORM+OpenID

Valid values for this property are:

Configuring Mozilla Persona authentication

Orion supports login using Mozilla Persona. To log in with Persona, a user must sign in with Persona using the same email address that is associated to their Orion account.

Setting the authentication host

Mozilla Persona credentials supplied by a user are verified against an "audience" parameter, which identifies the server (scheme + domain + port) they're trying to log in to. The following property sets the audience parameter that your server expects. The value of this property should exactly match the client-facing URL of your website. For example, here is what an entry for orionhub.org would look like:

orion.auth.host=http://orionhub.org:80

If this property is not set, Orion will only allow Persona logins from a local loopback device (localhost, 127.0.0.1, etc.). All other attempts attempts to log in with Persona will fail with a message like this:

Error logging in: Authentication host not configured. Contact your system administrator for assistance.

Setting the verifier

When logging in with Mozilla Persona credentials, the user's information is verified using a third-party web service. The following property specifies the URL of the service to be used:

orion.auth.persona.verifier=https://verifier.login.persona.org/verify

If this property is not set, https://verifier.login.persona.org/verify is used by default.

Password storage

The Orion server stores passwords on disk using the Equinox secure storage mechanism. This storage facility is locked by a master password. You can set a master password by setting the following system property in the server's orion.ini file (please use a more creative password):

-Dorion.storage.password=abracadabra

Enabling anonymous read access

By default, each user can only read and write projects they created. When self-hosting or in small team installations, it may be useful to enable users to access each other's projects in a read-only fashion. This can be done by setting the following property in the server configuration file:

orion.file.anonymous.read=true

Email configuration

Orion allows to users to add their email account in profile, that will be later used to send email notifications, for instance resetting the password. This option is however only available if email and SMTP server configuration is present in the server configuration file:

SMTP host that will send email:

mail.smtp.host=smtp_host

port if different than 25 (default):

mail.smtp.port=25

information if authentication to SMTP server is needed

mail.smtp.auth=true

SMTP server user name if authentication to SMTP server is needed:

mail.smtp.user=smtp_user

SMTP server password if authentication to SMTP server is needed:

mail.smtp.password=password 

email that messages will come from (for instance webmaster@orion.eclipse.org):

mail.from=sender_of_mails

Automatic git projects

There is a server configuration property to automatically create a git repository for each created project. This allows a user to stage/commit changes, compare with committed changes, etc. This repository cannot currently be synchronized with a remote replica. To enable this setting, the following property must be specified in the server configuration file:

 orion.file.defaultSCM=git

Installations of Orion can use a hook for providing a custom footer at the bottom of every page. This area is useful for adding copyright notices, legal disclaimers, etc.

The HTML fragment is defined as bottomHTMLFragment in org.eclipse.orion.client.core/static/js/globalCommands.js. The div containing this fragment is assigned a class "footer" and this class is defined in ide.css

Configuring virtual host names for launching sites

In Orion, users can select files and folders from their workspace and launch them as a stand-alone website. For this to work, you should tell the Orion server what virtual host names will be used to host sites. This is done by setting the orion.site.virtualHosts property in the server configuration file:

orion.site.virtualHosts=*.planetorion.org

The value after the = sign is a comma-separated list of domains, such as:

The values from the list will be allocated to hosted sites as virtual host names, so they must be aliases for the Orion server. Orion will listen to incoming requests for these hosts (based on the HTTP "Host" header), and serve up the user's files as necessary.

In a multi-user environment, you'll most likely want to supply a domain wildcard (or some externally-reachable IP address) that resolves to your server. By contrast, if you're running the Orion server for yourself on your local machine, you can simply pass a list of aliases for localhost (see Hosting locally below).

Defaults

If you don't supply the orion.site.virtualHosts property, Orion will use a default setting. On Windows and Linux, the default assigns up to 16 addresses in the range 127.0.0.2 to 127.0.0.254. On Mac OS X, there are no default addresses, so you will receive an error when you attempt to start a site.

Examples

orion.site.virtualHosts=site.myhost.net
Makes 1 host name, site.myhost.net, available for allocation as a virtual host name.

orion.site.virtualHosts=127.0.0.2,127.0.0.3
Makes the 2 IP addresses available as virtual host names. Since they happen to be loopback addresses, any hosted site assigned to them will only be reachable from the local machine. (See Hosting locally).

orion.site.virtualHosts=*.myhost.net
Makes all of *.myhost.net available for allocation. Hosted sites will be assigned to subdomains, for example site1.myhost.net, site2.myhost.net, etc.

orion.site.virtualHosts=foo.myhost.net,*.myhost.net
Makes 1 domain and 1 wildcard domain available. They will be allocated in the order provided. That is, foo.myhost.net will be assigned to the first hosted site that is launched, and subsequent launches will be assigned subdomains of myhost.net.

Hosting locally

When you are the only user of your Orion server, you can just use some aliases for localhost to host on. On most platforms, any 127.x.x.x address will work, so you can do this:

orion.site.virtualHosts=127.0.0.2,127.0.0.3

The above example would give you 2 IP addresses available for virtual hosts: 127.0.0.2 and 127.0.0.3.

{{#if:Running on Mac OS X:
{{#if:In OS X, the above example will not work out-of-the-box. First you'll have to manually create the aliases by running these commands in Terminal.app:

$ sudo ifconfig lo0 alias 127.0.0.2 up
$ sudo ifconfig lo0 alias 127.0.0.3 up

Also ensure that your orion.conf file is located properly inside the orion.app. You will want to "Show Package Contents" in the Finder and then place the file in Contents/MacOS. Then try the example. Note that if you restart your machine, you'll have to execute the sudo commands again. |In OS X, the above example will not work out-of-the-box. First you'll have to manually create the aliases by running these commands in Terminal.app:

$ sudo ifconfig lo0 alias 127.0.0.2 up
$ sudo ifconfig lo0 alias 127.0.0.3 up

Also ensure that your orion.conf file is located properly inside the orion.app. You will want to "Show Package Contents" in the Finder and then place the file in Contents/MacOS. Then try the example. Note that if you restart your machine, you'll have to execute the sudo commands again. }}|image=Note.png|bgcolor=#def3fe|bdcolor=#c5d7e0}}

To use a more readable hostname instead of an IP address, you can edit the hosts file on your local machine and create an entry that maps friendlyHostname to 127.0.0.1. Then include the same hostname in the server configuration property, and Orion will use it:

orion.site.virtualHosts=friendlyHostname