Configuration properties glossary¶
Introduction¶
The primary form of configuration is via the use of key/value properties,
stored in etc/grid/config.xml and read on server startup. Backing up
and copying these properties is as easy as copying this file to a new server
version.
The etc/omero.properties file of your distribution defines all the default configuration properties used by the server. Changes made to the file are not recognized by the server. Instead, configuration options can be set using the omero config set command:
$ omero config set <parameter> <value>
When supplying a value with spaces or multiple elements, use single quotes. The quotes will not be saved as part of the value (see below).
To remove a configuration option (to return to default values where mentioned), simply omit the value:
$ omero config set <parameter>
These options will be stored in a file: etc/grid/config.xml which
you can read for reference. DO NOT edit this file directly.
You can also review all your settings by using:
$ omero config get
which should return values without quotation marks.
A final useful option of omero config edit is:
$ omero config edit
which will allow for editing the configuration in a system-default text editor.
Note
Please use the escape sequence \" for nesting double quotes (e.g.
"[\"foo\", \"bar\"]") or wrap with ' (e.g. '["foo",
"bar"]').
Examples of doing this are on the server installation page, as well as the LDAP installation page.
Mandatory properties¶
The following properties need to be correctly set for all installations of the OMERO.server. Depending on your set-up, default values may be sufficient.
Binary repository¶
omero.checksum.supported¶
Checksum algorithms supported by the server for new file uploads, being any comma-separated non-empty subset of:
Adler-32
CRC-32
MD5-128
Murmur3-32
Murmur3-128
SHA1-160
File-Size-64
In negotiation with clients, this list is interpreted as being in descending order of preference.
Default: SHA1-160, MD5-128, Murmur3-128, Murmur3-32, CRC-32, Adler-32, File-Size-64
omero.data.dir¶
Default: /OMERO/
omero.fs.repo.path¶
Value dynamically set during the build Template for FS managed repository paths. Allowable elements are:
%user% bob
%userId% 4
%group% bobLab
%groupId% 3
%year% 2011
%month% 01
%monthname% January
%day% 01
%time% 15-13-54.014
%institution% University of Dundee
%hash% 0D2D8DB7
%increment% 14
%subdirs% 023/613
%session% c3fdd5d8-831a-40ff-80f2-0ba5baef448a
%sessionId% 592
%perms% rw----
%thread% Blitz-0-Ice.ThreadPool.Server-3
/ path separator
// end of root-owned directories
These are described further at FS configuration options
The path must be unique per fileset to prevent upload conflicts, which is why %time% includes milliseconds.
A // may be used as a path separator: the directories preceding it are created with root ownership, the remainder are the user’s. At least one user-owned directory must be included in the path.
The template path is created below omero.managed.dir,
e.g. /OMERO/ManagedRepository/$omero.fs.repo.path/
Default: %user%_%userId%//%year%-%month%/%day%/%time%
omero.fs.repo.path_rules¶
Rules to apply to judge the acceptability of FS paths for writing into
omero.managed.dir, being any comma-separated non-empty subset of:
Windows required
Windows optional
UNIX required
UNIX optional
local required
local optional
Minimally, the “required” appropriate for the server is recommended. Also applying “optional” rules may make sysadmin tasks easier, but may be more burdensome for users who name their files oddly. “local” means “Windows” or “UNIX” depending on the local platform, the latter being applied for Linux and Mac OS X.
Default: Windows required, UNIX required
omero.managed.dir¶
Default: ${omero.data.dir}/ManagedRepository
Client¶
omero.client.download_as.max_size¶
Clients disable download as jpg/png/tiff above max pixel count.
Default: 144000000
omero.client.icetransports¶
Comma separated list of Ice transports available to clients. The default value (“ssl,tcp”) instructs Ice to open the ports specified by the omero.ports.ssl and omero.ports.tcp properties. Restricting to “ssl” will prevent all non-encrypted connections to the OMERO server.
Additionally, there are two experimental values for using websockets: “ws” and “wss” for unencrypted and encrypted, respectively. The ports that are opened are controlled by the omero.ports.ws and omero.ports.wss properties. To enable all possible protocols use: “ssl,tcp,wss,ws”.
Note: When using websockets behind a web server like nginx, additional configuration may be needed.
Default: ssl, tcp
omero.client.scripts_to_ignore¶
Server-side scripts used in IScript service Clients shouldn’t display.
Default: /omero/figure_scripts/Movie_Figure.py, /omero/figure_scripts/Split_View_Figure.py, /omero/figure_scripts/Thumbnail_Figure.py, /omero/figure_scripts/ROI_Split_Figure.py, /omero/export_scripts/Make_Movie.py, /omero/import_scripts/Populate_ROI.py
omero.client.ui.tree.orphans.description¶
Description of the “Orphaned images” container.
Default: This is a virtual container with orphaned images. These images are not linked anywhere. Just drag them to the selected container.
omero.client.ui.tree.orphans.enabled¶
Flag to show/hide “Orphaned images” container. Only accept “true” or “false”
Default: true
omero.client.ui.tree.orphans.name¶
Name of the “Orphaned images” container located in client tree data manager.
Default: Orphaned Images
omero.client.ui.tree.type_order¶
Client tree type order rank list first type is ranked 1 (the highest), last is the lowest if set to ‘false’ empty list allows mixing all types and sorting them by default client ordering strategy
Default: tagset, tag, project, dataset, screen, plate, acquisition, image
omero.client.viewer.initial_zoom_level¶
Initial client image viewer zoom level for big images
Default: 0
Database¶
omero.db.authority¶
The string that will be used as the base for LSIDs in all exported OME objects including OME-XML and OME-TIFF. It’s usually not necessary to modify this value since the database UUID (stored in the database) is sufficient to uniquely identify the source.
Default: export.openmicroscopy.org
omero.db.dialect¶
Implementation of the org.hibernate.dialect.Dialect interface which will be used to convert HQL queries and save operations into SQL SELECTs and DML statements.
(PostgreSQL default)
Default: ome.util.PostgresqlDialect
omero.db.driver¶
JDBC driver used to access the database. Other drivers can be configured which wrap this driver to provide logging, monitoring, etc.
(PostgreSQL default)
Default: org.postgresql.Driver
omero.db.host¶
The host name of the machine on which the database server is running. A TCP port must be accessible from the server on which OMERO is running.
Default: localhost
omero.db.patch¶
The patch version of the database which is in use. This value need not match the patch version of the server that is is being used with. Any changes by developers to the database schema will result in a bump to this value.
Default: 0
omero.db.poolsize¶
Sets the number of database server connections which will be used by OMERO.
A sizeable increase in this value, e.g. to 100, will significantly increase the performance of your server, but your database installation will need to be configured to accept at least as many, preferably more, connections as this value.
The related values omero.threads.max_threads and omero.threads.background_threads do not need to be increased by the same amount. A system will be more stable if background_threads is less than max_threads and max_threads is less than poolsize.
Default: 10
omero.db.port¶
TCP port on which the database server is listening for connections. Used by the JDBC driver to access the database. Use of a local UNIX socket is not supported.
(PostgreSQL default)
Default: 5432
omero.db.prepared_statement_cache_size¶
Default: 10
omero.db.profile¶
Default values for the current profile will be hard-coded into the hibernate.properties file in the model-*.jar. By using a different jar, you can modify the defaults.
Note: some other properties are defined in
the file etc/profiles/$omero.db.profile
Especially of importance is omero.db.port
Set during the build
Default: psql
omero.db.properties¶
Properties to set on OMERO.server’s JDBC connection to the database. See https://jdbc.postgresql.org/documentation/head/connect.html
Default: [empty]
omero.db.sql_action_class¶
Implementation of the ome.util.SqlAction interface which will be used to perform all direct SQL actions, i.e. without Hibernate.
(PostgreSQL default)
Default: ome.util.actions.PostgresSqlAction
omero.db.statistics¶
Whether JMX statistics are collected for DB usage (by Hibernate, etc)
Default: true
omero.db.url¶
The URL specifying how the Java driver connects to the database system.
Default: jdbc:postgresql://${omero.db.host}:${omero.db.port}/${omero.db.name}?ApplicationName=OMERO.${omero.name}&${omero.db.properties}
omero.db.version¶
Version of the database which is in use. This value typically matches the major.minor version of the server that it is being used with. Typically, only developers will change this version to bump to a new major version.
Default: OMERO5.4
Glacier2¶
omero.glacier2.IceSSL¶
Glacier2Template IceSSL defaults and overrides,
see https://doc.zeroc.com/ice/3.6/property-reference/icessl.
Any property beginning omero.glacier2.IceSSL. will be used to
update the corresponding IceSSL. property.
Default: [empty]
omero.glacier2.IceSSL.Ciphers¶
Glacier2Template SSL allowed cipher suites
Default: ADH:!LOW:!MD5:!EXP:!3DES:@STRENGTH
omero.glacier2.IceSSL.ProtocolVersionMax¶
Glacier2Template SSL maximum allowed protocol (mac bug)
Default: tls1_1
Grid¶
omero.cluster.read_only¶
Deprecated. If true, will override both the db and repo properties to be true.
Default: false
omero.cluster.read_only.db¶
If access to the database is read-only: no writes should be attempted. A “false” may be overridden by omero.cluster.read_only above.
Default: false
omero.cluster.read_only.repo¶
If access to the binary repo is read-only: no writes should be attempted. A “false” may be overridden by omero.cluster.read_only above.
Default: false
omero.cluster.redirector¶
Default: nullRedirector
omero.grid.registry_timeout¶
registry_timeout is the milliseconds which the registry and other services will wait on remote services to respond.
Default: 5000
JVM¶
omero.jvmcfg.append¶
Contains other parameters which should be passed to the JVM. The value of “append” is treated as if it were on the command line so will be separated on whitespace. For example, ‘-XX:-PrintGC -XX:+UseCompressedOops’ would results in two new arguments. Note that when using config set from the command line one may need to give a prior – option to prevent a value starting with - from already being parsed as an option, and values may need quoting to prevent whitespace or other significant characters from being interpreted prematurely.
Default: [empty]
omero.jvmcfg.heap_dump¶
Toggles on or off heap dumps on OOMs. Default is “off”. The special value “tmp” will create the heap dumps in your temp directory.
Default: [empty]
omero.jvmcfg.max_system_memory¶
Suggestion for strategies as to the maximum memory that they will use for calculating JVM settings (MB).
Default: 48000
omero.jvmcfg.min_system_memory¶
Suggestion for strategies as to the minimum memory that they will use for calculating JVM settings (MB).
Default: 3414
omero.jvmcfg.percent¶
Used only by the percent strategy. An integer between 0 and 100 which is the percent of active memory that will be used by the service.
Default: [empty]
omero.jvmcfg.perm_gen¶
Explicit value for the MaxPermSize argument to the JVM, e.g. “500M”. Ignored for Java8+
Default: [empty]
omero.jvmcfg.strategy¶
Memory strategy which will be used by default. Options include: percent, manual
Default: percent
omero.jvmcfg.system_memory¶
Manual override of the total system memory that OMERO will think is present on the local OS (MB). If unset, an attempt will be made to detect the actual amount: first by using the Python library psutil and if that is not installed, by running a Java tool. If neither works, 4.0GB is assumed.
Default: [empty]
LDAP¶
omero.ldap.base¶
LDAP server base search DN, i.e. the filter that is applied to all users. (can be empty in which case any LDAP user is valid)
Default: ou=example, o=com
omero.ldap.connect_timeout¶
Sets com.sun.jndi.ldap.connect.timeout on the Spring LDAP
default security context source environment. The context source
is responsible for interacting with JNDI/LDAP.
This timeout is specified in milliseconds and controls the amount of time JNDI/LDAP will wait for a connection to be established.
A timeout less than or equal to zero means that no timeout will be observed and that the OMERO server will wait indefinitely for LDAP connections to be established. Such a timeout should be used with extreme caution as connectivity issues may then cause your server to no longer be able to create new sessions.
For more information on what this JNDI/LDAP property does, see https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/create.html
Default: 5000
omero.ldap.group_filter¶
Default: (objectClass=groupOfNames)
omero.ldap.group_mapping¶
Default: name=cn
omero.ldap.new_user_group¶
Without a prefix the “new_user_group” property specifies
the name of a single group which all new users will be
added to. Other new_user_group strings are prefixed with
:x: and specify various lookups which should take
place to find one or more target groups for the new user.
:ou: uses the final organizational unit of a user’s dn
as the single OMERO group e.g. omero.ldap.new_user_group=:ou:
:attribute: uses all the values of the specified
attribute as the name of multiple OMERO groups. e.g.
omero.ldap.new_user_group=:attribute:memberOf
Like :attribute:, :filtered_attribute: uses all the
values of the specified attribute as the name of
multiple OMERO groups but the attribute must pass
the same filter as :query: does. e.g.
omero.ldap.new_user_group=:filtered_attribute:memberOf
Similar to :attribute:, :dn_attribute: uses all the
values of the specified attribute as the DN of
multiple OMERO groups. e.g.
omero.ldap.new_user_group=:dn_attribute:memberOf
A combination of filtered_attribute and dn_attribute,
:filtered_dn_attribute: uses all of the values of the
specified attribute as the DN of multiple OMERO groups
but the attribute must pass the same filter as :query:
e.g. omero.ldap.new_user_group=:filtered_dn_attribute:memberOf
:query: performs a query for groups. The “name”
property will be taken as defined by omero.ldap.group_mapping
and the resulting filter will be AND’ed with the value
group_filter (above) e.g.
omero.ldap.new_user_group=:query:(member=@{dn})
:bean: looks in the server’s context for a
bean with the given name which implements
ome.security.auth.NewUserGroupBean e.g.
omero.ldap.new_user_group=:bean:myNewUserGroupMapperBean
Default: default
omero.ldap.new_user_group_owner¶
A query element to check if user who is being created
via the new_user_group setting should be made a
“manager”, i.e. owner, of the queried group. E.g.
omero.ldap.new_user_group_owner=(owner=@{dn})
will use the ‘manager’ attribute to set the ‘owner’
flag in the database. This query element is appended
to any query used by new_user_group with an AND.
This property is not used by new_user_group type
‘default’ and only potentially by :bean:.
Default: [empty]
omero.ldap.read_timeout¶
Sets com.sun.jndi.ldap.read.timeout on the Spring LDAP
default security context source environment. The context source
is responsible for interacting with JNDI/LDAP.
This timeout is specified in milliseconds and controls the amount of time JNDI/LDAP will wait for a response from the LDAP server. When connecting to a server using SSL this timeout also applies to the SSL handshake process.
A timeout less than or equal to zero means that no timeout will be observed and that the OMERO server will wait indefinitely for LDAP replies. Such a timeout should be used with extreme caution, especially when using SSL and/or without a connection pool, as connectivity issues may then cause your server to no longer be able to create new sessions.
For more information on what this JNDI/LDAP property does, see https://docs.oracle.com/javase/tutorial/jndi/newstuff/readtimeout.html
Default: 5000
omero.ldap.referral¶
Available referral options are: “ignore”, “follow”, or “throw” as per the JNDI referral documentation.
Default: ignore
omero.ldap.sync_on_login¶
Whether or not values from LDAP will be synchronized to OMERO on each login. This includes not just the username, email, etc, but also the groups that the user is a member of.
Note
Admin actions carried out in the clients may not survive this synchronization e.g. LDAP users removed from an LDAP group in the UI will be re-added to the group when logging in again after the synchronization.
Default: false
omero.ldap.urls¶
Set the URL of the LDAP server. A SSL URL for this property would be of the form: ldaps://ldap.example.com:636
Default: ldap://localhost:389
omero.ldap.user_filter¶
Default: (objectClass=person)
omero.ldap.user_mapping¶
Default: omeName=cn, firstName=givenName, lastName=sn, email=mail, institution=department, middleName=middleName
Mail¶
omero.mail.password¶
the password to connect to the smtp server (if required; can be empty)
Default: [empty]
omero.mail.smtp.connectiontimeout¶
Default: 60000
omero.mail.smtp.debug¶
Default: false
omero.mail.smtp.socketFactory.class¶
Default: javax.net.SocketFactory
omero.mail.smtp.socketFactory.fallback¶
Default: false
omero.mail.smtp.socketFactory.port¶
Default: ${omero.mail.port}
omero.mail.smtp.starttls.enable¶
Default: false
omero.mail.smtp.timeout¶
Default: 60000
omero.mail.transport.protocol¶
other smtp parameters; see org.springframework.mail.javamail.JavaMailSenderImpl
Default: smtp
omero.mail.username¶
the username to connect to the smtp server (if required; can be empty)
Default: [empty]
Metrics¶
omero.metrics.bean¶
Which bean to use: nullMetrics does nothing defaultMetrics uses the properties defined below
Default: defaultMetrics
omero.metrics.slf4j_minutes¶
Number of minutes to periodically print to slf4j 0 or lower disables the printout.
Default: 60
Performance¶
omero.sessions.max_user_time_to_idle¶
Sets the maximum duration in milliseconds a user can request before a login is required due to inactivity.
Default: 6000000
omero.sessions.max_user_time_to_live¶
Sets the maximum duration in milliseconds a user can request before a login is required (0 signifies never).
Default: 0
omero.sessions.maximum¶
Sets the default duration before a login is required; 0 signifies never.
Default: 0
omero.sessions.sync_force¶
Default: 1800000
omero.sessions.sync_interval¶
Default: 120000
omero.sessions.timeout¶
Sets the default duration of inactivity in milliseconds after which a login is required.
Default: 600000
omero.threads.background_threads¶
Number of threads from the max_threads pool that can be used at any given time for background tasks like import.
Default: 10
omero.threads.background_timeout¶
Number of milliseconds to wait for a slot in the background queue before a rejection error will be raised.
Default: 3600000
omero.threads.cancel_timeout¶
Default: 5000
omero.threads.idle_timeout¶
Default: 5000
omero.threads.max_threads¶
Maximum number of threads that can simultaneously run at the “USER” priority level. Internal system threads may still run.
Default: 50
omero.throttling.method_time.error¶
Time in milliseconds after which a single method invocation will print a ERROR statement to the server log. If ERRORs are frequently being printed to your logs, you may want to increase this value after checking that no actual problem exists. Values of more than 60000 (1 minute) are not advised.
Default: 20000
omero.throttling.method_time.error.indexer¶
Value for the indexer is extended to 1 day
Default: 86400000
omero.throttling.method_time.warn¶
Time in milliseconds after which a single method invocation will print a WARN statement to the server log.
Default: 5000
omero.throttling.method_time.warn.indexer¶
Value for the indexer is extended to 1 hour
Default: 3600000
omero.throttling.objects_read_interval¶
Default: 1000
omero.throttling.objects_written_interval¶
Default: 1000
omero.throttling.servants_per_session¶
Default: 10000
Pixeldata¶
omero.pixeldata.backoff¶
Name of the spring bean which will be used to calculate the backoff (in ms) that users should wait for an image to be ready to view.
Default: ome.io.nio.SimpleBackOff
omero.pixeldata.backoff.maxpixels¶
The maximum number of pixels (in any dimension), if exceeded the default value will be used.
Default: 1000000
omero.pixeldata.batch¶
Number of instances indexed per indexing. (Ignored by pixelDataEventLogQueue)
Default: 50
omero.pixeldata.cron¶
Polling frequency of the pixeldata processing. Set empty to disable pixeldata processing.
Cron Format: seconds minutes hours day-of-month month day-of-week year (optional). For example, “0,30 * * * * ?” is equivalent to running every 30 seconds. See https://www.quartz-scheduler.org/api/1.8.6/org/quartz/CronExpression.html
Default: */4 * * * * ?
omero.pixeldata.dispose¶
Whether the PixelData.dispose() method should try to clean up ByteBuffer instances which may lead to memory exceptions. See ticket #11675 for more information. Note: the property is set globally for the JVM.
Default: true
omero.pixeldata.event_log_loader¶
EventLogLoader that will be used for loading EventLogs for the action “PIXELDATA”. Choices include: pixelDataEventLogQueue and the older pixelDataPersistentEventLogLoader
Default: pixelDataEventLogQueue
omero.pixeldata.max_plane_height¶
With omero.pixeldata.max_plane_width, specifies
the plane size cutoff above which a pixel pyramid will be
generated by the pixeldata service unless subresolutions
can be read from the file format.
These values will be ignored for floating or double pixel
data types where no pyramid will be generated.
Default: 3192
omero.pixeldata.max_plane_width¶
With omero.pixeldata.max_plane_height, specifies
the plane size cutoff above which a pixel pyramid will be
generated by the pixeldata service unless subresolutions
can be read from the file format.
These values will be ignored for floating or double pixel
data types where no pyramid will be generated.
Default: 3192
omero.pixeldata.max_projection_bytes¶
Specifies the maximum number of bytes the server will allow to be projected in real time with the rendering engine.
Default: 268435456
omero.pixeldata.memoizer.dir¶
The directory in which Bio-Formats may create memo files for images from the managed repository.
Default: ${omero.data.dir}/BioFormatsCache
omero.pixeldata.memoizer.dir.local¶
For read-only servers set this to a local read-write directory so that memo files can be created and used. Activates only if the binary repository is read-only.
Default: [empty]
omero.pixeldata.memoizer_wait¶
Maximum time in milliseconds that file parsing can take without the parsed metadata being cached to omero.pixeldata.memoizer.dir.
Default: 0
omero.pixeldata.repetitions¶
Instead, it is possible to tell the server to run more pixeldata repetitions, each of which gets completely committed before the next. This will only occur when there is a substantial backlog of pixels to process.
(Ignored by pixelDataEventLogQueue; uses threads instead)
Default: 1
omero.pixeldata.threads¶
How many pixel pyramids will be generated at a single time. The value should typically not be set to higher than the number of cores on the server machine.
Default: 2
omero.pixeldata.tile_height¶
Default: 256
omero.pixeldata.tile_sizes_bean¶
Default sizes for tiles are provided by a ome.io.nio.TileSizes implementation. By default the bean (“configuredTileSizes”) uses the properties provided here.
Default: configuredTileSizes
omero.pixeldata.tile_width¶
Default: 256
Policy¶
omero.policy.bean¶
Instance of the PolicyService interface which will be responsible for checking certain server actions made by a user.
Default: defaultPolicyService
omero.policy.binary_access¶
Configuration for the policy of whether users can access binary files from disk. Binary access includes all attempts to download a file from the UI.
The individual components of the string include:
write - whether or not users who have WRITE access to the objects can access the binary. This includes group and system administrators.
read - whether or not users who have READ access to the objects can access the binary.
image - whether or not images are to be considered accessible as a rule.
plate - whether or not plates and contained HCS objects are to be considered accessible as a rule. This includes wells, well samples, and plate runs.
Though the order of the components of the property are not important, the order that they are listed above roughly corresponds to their priority. E.g. a -write value will override +plate.
Example 1: “-read,+write,+image,-plate” only owners of an image and admins can download it.
Example 2: “-read,-write,-image,-plate” no downloading is possible.
Configuration properties of the same name can be applied
to individual groups as well. E.g. adding,
omero.policy.binary_access=-read to a group’s config property,
you can prevent group-members from downloading original files, as at
https://docs.openmicroscopy.org/latest/omero/sysadmins/customization.html#download-restrictions
Configuration is pessimistic: if there is a negative either on the group or at the server-level, the restriction will be applied. A missing value at the server restricts the setting but allows the server to override.
Default: +read, +write, +image
Ports¶
omero.ports.prefix¶
The prefix to apply to all port numbers (SSL, TCP, registry) used by the server
Default: [empty]
Query¶
omero.query.timeout.admin¶
How many seconds before a query times out for administrative users.
Default: ${omero.query.timeout}
Scripts¶
omero.launcher.jython¶
Executable on the PATH which will be used for scripts with the mimetype ‘text/x-jython’.
Default: jython
omero.launcher.matlab¶
Executable on the PATH which will be used for scripts with the mimetype ‘text/x-matlab’.
Default: matlab
omero.launcher.python¶
Executable on the PATH which will be used for scripts with the mimetype ‘text/x-python’.
No value implies use sys.executable
Default: [empty]
omero.process.jython¶
Server implementation which will be used for scripts with the mimetype ‘text/x-jython’. Changing this value requires that the appropriate class has been installed on the server.
Default: omero.processor.ProcessI
omero.process.matlab¶
Server implementation which will be used for scripts with the mimetype ‘text/x-matlab’. Changing this value requires that the appropriate class has been installed on the server.
Default: omero.processor.MATLABProcessI
omero.process.python¶
Server implementation which will be used for scripts with the mimetype ‘text/x-python’. Changing this value requires that the appropriate class has been installed on the server.
Default: omero.processor.ProcessI
omero.scripts.cache.cron¶
Frequency to reload script params. By default, once a day at midnight.
Cron Format: seconds minutes hours day-of-month month day-of-week year (optional). For example, “0,30 * * * * ?” is equivalent to running every 30 seconds. See https://www.quartz-scheduler.org/api/1.8.6/org/quartz/CronExpression.html
Default: 0 0 0 * * ?
omero.scripts.cache.spec¶
Guava LoadingCache spec for configuring how many script JobParams will be kept in memory for how long.
For more information, see https://google.github.io/guava/releases/27.1-jre/api/docs/com/google/common/cache/CacheBuilderSpec.html
Default: maximumSize=1000
omero.scripts.timeout¶
Default: 3600000
Search¶
omero.search.analyzer¶
Analyzer used both index and to parse queries
Default: ome.services.fulltext.FullTextAnalyzer
omero.search.batch¶
Size of the batches to process events per indexing. Larger batches can speed up indexing, but at the cost of memory.
Default: 5000
omero.search.bridges¶
Extra bridge classes, comma-separated, to be invoked on each indexing. Bridges are used to parse more information out of the data.
Default: [empty]
omero.search.cron¶
Polling frequency of the indexing. Set empty to disable search indexing.
Cron Format: seconds minutes hours day-of-month month day-of-week year (optional). For example, “0,30 * * * * ?” is equivalent to running every 30 seconds. See https://www.quartz-scheduler.org/api/1.8.6/org/quartz/CronExpression.html
Default: */2 * * * * ?
omero.search.event_log_loader¶
Default: eventLogQueue
omero.search.excludes¶
Indexing takes place on all EventLogs as they occur in the database. The types listed here will be skipped if they appear in the “entityType” field of the EventLog table.
Default: ome.model.annotations.ChannelAnnotationLink, ome.model.core.Channel, ome.model.core.PlaneInfo, ome.model.core.PixelsOriginalFileMap, ome.model.containers.DatasetImageLink, ome.model.containers.ProjectDatasetLink, ome.model.containers.CategoryGroupCategoryLink, ome.model.containers.CategoryImageLink, ome.model.display.ChannelBinding, ome.model.display.QuantumDef, ome.model.display.Thumbnail, ome.model.meta.Share, ome.model.meta.Event, ome.model.meta.EventLog, ome.model.meta.GroupExperimenterMap, ome.model.meta.Node, ome.model.meta.Session, ome.model.annotations.RoiAnnotationLink, ome.model.roi.Roi, ome.model.roi.Shape, ome.model.roi.Text, ome.model.roi.Rectangle, ome.model.roi.Mask, ome.model.roi.Ellipse, ome.model.roi.Point, ome.model.roi.Path, ome.model.roi.Polygon, ome.model.roi.Polyline, ome.model.roi.Line, ome.model.screen.ScreenAcquisitionWellSampleLink, ome.model.screen.ScreenPlateLink, ome.model.screen.WellReagentLink, ome.model.stats.StatsInfo
omero.search.include_actions¶
EventLog.action values which will be indexed. Unless custom code is generating other action types, this property should not need to be modified.
Default: INSERT, UPDATE, REINDEX, DELETE
omero.search.include_types¶
Whitelist of object types which will be indexed. All other types will be ignored. This matches the currently available UI options but may need to be expanded for custom search bridges.
Default: ome.model.core.Image, ome.model.containers.Project, ome.model.containers.Dataset, ome.model.screen.Plate, ome.model.screen.Screen, ome.model.screen.PlateAcquisition, ome.model.screen.Well
omero.search.locking_strategy¶
Default: native
omero.search.max_file_size¶
Maximum file size for text indexing (bytes) If a file larger than this is attached, e.g. to an image, the indexer will simply ignore the contents of the file when creating the search index. This should not be set to more than half of the Indexer heap space.
Note
If you set the max file size to greater than 1/2 the size of the indexer’s heap (256 MB by default), you may encounter Out of Memory errors in the Indexer process or you may cause the search index to become corrupt. Be sure that you also increase the heap size accordingly (see OutOfMemoryError / PermGen space errors in OMERO.server logs).
Default: 131072000
omero.search.max_partition_size¶
Number of objects to load in a single indexing window. The larger this value the fewer times a single object will be indexed unnecessarily. Each object uses roughly 100 bytes of memory.
Default: 1000000
omero.search.merge_factor¶
Default: 25
omero.search.ram_buffer_size¶
Default: 64
omero.search.repetitions¶
Instead, it is possible to tell the server to run more indexing repetitions, each of which gets completely committed before the next. This will only occur when there is a substantial backlog of searches to perform. (More than 1 hours worth)
Default: 1
omero.search.reporting_loops¶
Periodically the completion percentage will be printed. The calculation can be expensive and so is not done frequently.
Default: 100
Security¶
omero.security.chmod_strategy¶
Default: groupChmodStrategy
omero.security.filter.bitand¶
Default: (int8and(permissions, %s) = %s)
omero.security.keyStore¶
A keystore is a database of private keys and their associated X.509 certificate chains authenticating the corresponding public keys. A keystore is mostly needed if you are doing client-side certificates for authentication against your LDAP server.
Default: [empty]
omero.security.login_failure_throttle_count¶
Default: 1
omero.security.login_failure_throttle_time¶
Default: 3000
omero.security.password_provider¶
Implementation of PasswordProvider that will be used to authenticate users. Typically, a chained password provider will be used so that if one form of authentication (e.g. LDAP) does not work, other attempts will be made.
Default: chainedPasswordProvider
omero.security.password_required¶
Controls whether the server will allow creation of user accounts with an empty password. If set to true (default, strict mode), empty passwords are disallowed. This still allows the guest user to interact with the server.
Default: true
omero.security.trustStore¶
A truststore is a database of trusted entities and their associated X.509 certificate chains authenticating the corresponding public keys. The truststore contains the Certificate Authority (CA) certificates and the certificate(s) of the other party to which this entity intends to send encrypted (confidential) data. This file must contain the public key certificates of the CA and the client’s public key certificate.
Default: [empty]
Server¶
omero.server.nodedescriptors¶
Override the default set of OMERO services.
For example, to run OMERO.server with Blitz and Tables only
(i.e. disable Processor, DropBox, Indexer, PixelData)
set this to master:Blitz-0,Tables-0.
Also use this to distribute OMERO services across multiple nodes,
for example:
master:Blitz-0,Tables-0 worker1:Processor-0.
See
https://docs.openmicroscopy.org/omero/latest/sysadmins/grid.html#deployment-examples
Default: [empty]
Web¶
omero.web.admins¶
A list of people who get code error notifications whenever the application identifies a broken link or raises an unhandled exception that results in an internal server error. This gives the administrators immediate notification of any errors, see OMERO.mail. Example:'[["Full Name", "email address"]]'.
Default: []
omero.web.application_server¶
OMERO.web is configured to run in Gunicorn as a generic WSGI (TCP)application by default. Available options: wsgi-tcp (Gunicorn, default), wsgi (Advanced users only, e.g. manual Apache configuration with mod_wsgi).
Default: wsgi-tcp
omero.web.application_server.host¶
The front-end webserver e.g. NGINX can be set up to run on a different host from OMERO.web. The property ensures that OMERO.web is accessible on an external IP. It requires copying all the OMERO.web static files to the separate NGINX server.
Default: 127.0.0.1
omero.web.application_server.max_requests¶
The maximum number of requests a worker will process before restarting.
Default: 0
omero.web.base_include_template¶
Template to be included in every page, at the end of the <body>
Default: None
omero.web.caches¶
OMERO.web offers alternative session backends to automatically delete stale data using the cache session store backend, see Django cached session documentation for more details.
Default: {"default": {"BACKEND": "django.core.cache.backends.dummy.DummyCache"}}
omero.web.cors_origin_allow_all¶
If True, cors_origin_whitelist will not be used and all origins will be authorized to make cross-site HTTP requests.
Default: false
omero.web.cors_origin_whitelist¶
A list of origin hostnames that are authorized to make cross-site HTTP requests. Used by the django-cors-headers app as described at https://github.com/ottoyiu/django-cors-headers
Default: []
omero.web.csrf_cookie_httponly¶
Prevent CSRF cookie from being accessed in JavaScript. Currently disabled as it breaks background JavaScript POSTs in OMERO.web.
Default: false
omero.web.csrf_cookie_secure¶
Restrict CSRF cookies to HTTPS only, you are strongly recommended to set this to true in production.
Default: false
omero.web.databases¶
Default: {}
omero.web.debug¶
A boolean that turns on/off debug mode. Use debug mode only in development, not in production, as it logs sensitive and confidential information in plaintext.
Default: false
omero.web.django_additional_settings¶
Additional Django settings as list of key-value tuples. Use this to set or override Django settings that aren’t managed by OMERO.web. E.g. ["CUSTOM_KEY", "CUSTOM_VALUE"]
Default: []
omero.web.favicon_url¶
Favicon URL, specifies the path relative to django’s static file dirs.
Default: webgateway/img/ome.ico
omero.web.feedback.comment.enabled¶
Enable the feedback form for comments. These comments are sent to the URL in omero.qa.feedback (OME team by default).
Default: true
omero.web.feedback.error.enabled¶
Enable the feedback form for errors. These errors are sent to the URL in omero.qa.feedback (OME team by default).
Default: true
omero.web.html_meta_referrer¶
Default content for the HTML Meta referrer tag. See https://www.w3.org/TR/referrer-policy/#referrer-policies for allowed values and https://caniuse.com/referrer-policy for browser compatibility. Warning: Internet Explorer 11 does not support the default value of this setting, you may want to change this to “origin” after reviewing the linked documentation.
Default: origin-when-crossorigin
omero.web.index_template¶
Define template used as an index page http://your_host/omero/.If None user is automatically redirected to the login page.For example use ‘webclient/index.html’.
Default: None
omero.web.login.client_downloads_base¶
GitHub repository containing the Desktop client downloads
Default: ome/omero-insight
omero.web.login.show_client_downloads¶
Whether to link to official client downloads on the login page
Default: true
omero.web.login_incorrect_credentials_text¶
The error message shown to users who enter an incorrect username or password.
Default: Connection not available, please check your user name and password.
omero.web.login_logo¶
Customize webclient login page with your own logo. Logo images should ideally be 150 pixels high or less and will appear above the OMERO logo. You will need to host the image somewhere else and link to it with the OMERO logo.
Default: None
omero.web.login_redirect¶
Redirect to the given location after logging in. It only supports arguments for Django reverse function. For example: '{"redirect": ["webindex"], "viewname": "load_template", "args":["userdata"], "query_string": {"experimenter": -1}}'
Default: {}
omero.web.login_view¶
The Django view name used for login. Use this to provide an alternative login workflow.
Default: weblogin
omero.web.max_table_download_rows¶
Prevent download of OMERO.tables exceeding this number of rows in a single request.
Default: 10000
omero.web.maximum_multifile_download_size¶
Prevent multiple files with total aggregate size greater than this value in bytes from being downloaded as a zip archive.
Default: 1073741824
omero.web.middleware¶
Warning: Only system administrators should use this feature. List of Django middleware classes in the form [{“class”: “class.name”, “index”: FLOAT}]. See Django middleware. Classes will be ordered by increasing index
Default: [{"index": 1, "class": "django.middleware.common.BrokenLinkEmailsMiddleware"},{"index": 2, "class": "django.middleware.common.CommonMiddleware"},{"index": 3, "class": "django.contrib.sessions.middleware.SessionMiddleware"},{"index": 4, "class": "django.middleware.csrf.CsrfViewMiddleware"},{"index": 5, "class": "django.contrib.messages.middleware.MessageMiddleware"},{"index": 6, "class": "django.middleware.clickjacking.XFrameOptionsMiddleware"}]
omero.web.nginx_server_extra_config¶
Extra configuration lines to add to the Nginx server block. Lines will be joined with n. Remember to terminate lines with; when necessary.
Default: []
omero.web.open_with¶
A list of viewers that can be used to display selected Images or other objects. Each viewer is defined as ["Name", "url", options]. Url is reverse(url). Selected objects are added to the url as ?image=:1&image=2Objects supported must be specified in options with e.g. {"supported_objects":["images"]} to enable viewer for one or more images.
Default: [["Image viewer", "webgateway", {"supported_objects": ["image"],"script_url": "webclient/javascript/ome.openwith_viewer.js"}]]
omero.web.page_size¶
Number of images displayed within a dataset or ‘orphaned’ container to prevent from loading them all at once.
Default: 200
omero.web.pipeline_css_compressor¶
Compressor class to be applied to CSS files. If empty or None, CSS files won’t be compressed.
Default: None
omero.web.pipeline_js_compressor¶
Compressor class to be applied to JavaScript files. If empty or None, JavaScript files won’t be compressed.
Default: None
omero.web.pipeline_staticfile_storage¶
The file storage engine to use when collecting static files with the collectstatic management command. See the documentation for more details.
Default: pipeline.storage.PipelineStorage
omero.web.plate_layout¶
If ‘shrink’, the plate will not display rows and columns before the first Well, or after the last Well. If ‘trim’, the plate will only show Wells from A1 to the last Well. If ‘expand’ (default), the plate will expand from A1 to a multiple of 12 columns x 8 rows after the last Well.
Default: expand
omero.web.prefix¶
Used as the value of the SCRIPT_NAME environment variable in any HTTP request.
Default: None
omero.web.public.cache.enabled¶
Default: false
omero.web.public.cache.key¶
Default: omero.web.public.cache.key
omero.web.public.cache.timeout¶
Default: 86400
omero.web.public.enabled¶
Enable and disable the OMERO.web public user functionality.
Default: false
omero.web.public.url_filter¶
Set a regular expression that matches URLs the public user is allowed to access. If this is not set, no URLs will be publicly available.
Default: (?#This regular expression matches nothing)a^
omero.web.redirect_allowed_hosts¶
If you wish to allow redirects to an external site, the domains must be listed here. For example [“openmicroscopy.org”].
Default: []
omero.web.root_application¶
Override the root application label that handles /. Warning you must ensure the application’s URLs do not conflict with other applications. omero-gallery is an example of an application that can be used for this (set to gallery)
Default: [empty]
omero.web.secret_key¶
A boolean that sets SECRET_KEY for a particular Django installation.
Default: None
omero.web.secure_proxy_ssl_header¶
A tuple representing a HTTP header/value combination that signifies a request is secure. Example '["HTTP_X_FORWARDED_PROTO_OMERO_WEB", "https"]'. For more details see secure proxy ssl header.
Default: []
omero.web.server_list¶
A list of servers the Web client can connect to.
Default: [["localhost", 4064, "omero"]]
omero.web.session_cookie_secure¶
Restrict session cookies to HTTPS only, you are strongly recommended to set this to true in production.
Default: false
omero.web.session_engine¶
Controls where Django stores session data. See Configuring the session engine for more details.
Default: omeroweb.filesessionstore
omero.web.session_expire_at_browser_close¶
A boolean that determines whether to expire the session when the user closes their browser. See Django Browser-length sessions vs. persistent sessions documentation for more details.
Default: true
omero.web.sharing.opengraph¶
Dictionary of server-name: site-name, where server-name matches a name from omero.web.server_list. For example: '{"omero": "Open Microscopy"}'
Default: {}
omero.web.sharing.twitter¶
Dictionary of server-name: @twitter-site-username, where server-name matches a name from omero.web.server_list. For example: '{"omero": "@openmicroscopy"}'
Default: {}
omero.web.show_forgot_password¶
Allows to hide ‘Forgot password’ from the login view - useful for LDAP/ActiveDir installations
Default: true
omero.web.static_root¶
The absolute path to the directory where collectstatic will collect static files for deployment. If the staticfiles contrib app is enabled (default) the collectstatic management command will collect static files into this directory.
Default: /home/omero/OMERO.server/var/static
omero.web.static_url¶
URL to use when referring to static files. Example: '/static/' or 'http://static.example.com/'. Used as the base path for asset definitions (the Media class) and the staticfiles app. It must end in a slash if set to a non-empty value.
Default: /static/
omero.web.staticfile_dirs¶
Defines the additional locations the staticfiles app will traverse if the FileSystemFinder finder is enabled, e.g. if you use the collectstatic or findstatic management command or use the static file serving view.
Default: []
omero.web.template_dirs¶
List of locations of the template source files, in search order. Note that these paths should use Unix-style forward slashes.
Default: []
omero.web.thumbnails_batch¶
Number of thumbnails retrieved to prevent from loading them all at once. Make sure the size is not too big, otherwise you may exceed limit request line, see https://docs.gunicorn.org/en/latest/settings.html?highlight=limit_request_line
Default: 50
omero.web.time_zone¶
Time zone for this installation. Choices can be found in the TZ database name column of: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones Default "Europe/London"
Default: Europe/London
omero.web.top_logo¶
Customize the webclient top bar logo. The recommended image height is 23 pixels and it must be hosted outside of OMERO.web.
Default: [empty]
omero.web.top_logo_link¶
The target location of the webclient top logo, default unlinked.
Default: [empty]
omero.web.ui.center_plugins¶
Add plugins to the center panels. Plugins are ['Channel overlay', 'webtest/webclient_plugins/center_plugin.overlay.js.html', 'channel_overlay_panel']. The javascript loads data into $('#div_id').
Default: []
omero.web.ui.metadata_panes¶
Manage Metadata pane accordion. This functionality is limited to the existing sections.
Default: [{"name": "tag", "label": "Tags", "index": 1},{"name": "map", "label": "Key-Value Pairs", "index": 2},{"name": "table", "label": "Tables", "index": 3},{"name": "file", "label": "Attachments", "index": 4},{"name": "comment", "label": "Comments", "index": 5},{"name": "rating", "label": "Ratings", "index": 6},{"name": "other", "label": "Others", "index": 7}]
omero.web.ui.right_plugins¶
Add plugins to the right-hand panel. Plugins are ['Label', 'include.js', 'div_id']. The javascript loads data into $('#div_id').
Default: [["Acquisition", "webclient/data/includes/right_plugin.acquisition.js.html", "metadata_tab"],["Preview", "webclient/data/includes/right_plugin.preview.js.html", "preview_tab"]]
omero.web.ui.top_links¶
Add links to the top header: links are ['Link Text', 'link|lookup_view', options], where the url is reverse(‘link’), simply ‘link’ (for external urls) or lookup_view is a detailed dictionary {“viewname”: “str”, “args”: [], “query_string”: {“param”: “value” }], E.g. '["Webtest", "webtest_index"] or ["Homepage", "http://...", {"title": "Homepage", "target": "new"} ] or ["Repository", {"viewname": "webindex", "query_string": {"experimenter": -1}}, {"title": "Repo"}]'
Default: [["Data", "webindex", {"title": "Browse Data via Projects, Tags etc"}],["History", "history", {"title": "History"}],["Help", "https://help.openmicroscopy.org/",{"title":"Open OMERO user guide in a new tab", "target":"new"}]]
omero.web.use_x_forwarded_host¶
Specifies whether to use the X-Forwarded-Host header in preference to the Host header. This should only be enabled if a proxy which sets this header is in use.
Default: false
omero.web.user_dropdown¶
Whether or not to include a user dropdown in the base template. Particularly useful when used in combination with the OMERO.web public user where logging in may not make sense.
Default: true
omero.web.viewer.view¶
Django view which handles display of, or redirection to, the desired full image viewer.
Default: omeroweb.webclient.views.image_viewer
omero.web.webgateway_cache¶
Default: None
omero.web.wsgi_args¶
A string representing Gunicorn additional arguments. Check Gunicorn Documentation https://docs.gunicorn.org/en/latest/settings.html
Default: None
omero.web.wsgi_timeout¶
Workers silent for more than this many seconds are killed and restarted. Check Gunicorn Documentation https://docs.gunicorn.org/en/stable/settings.html#timeout
Default: 60
omero.web.wsgi_workers¶
The number of worker processes for handling requests. Check Gunicorn Documentation https://docs.gunicorn.org/en/stable/settings.html#workers
Default: 5
