#********************************************************************
# Service Wrapper Properties
#********************************************************************

# Initial Working Directory (i.e., absolute installation directory path)
wrapper.working.dir=${ghidra_home}

# Temporary directory (set WRAPPER_TMPDIR in ghidraSvr(.bat) script to modify this)
wrapper.tmp.path=${wrapper_tmpdir}

# Mac OS X launchd plist directory
wrapper.launchd.dir=/Library/LaunchDaemons

# Java Application
wrapper.java.command=${java}

# Establish default permissions for generated files
wrapper.java.umask=027

# Java Classpath
include=${classpath_frag}

# Java Additional Parameters
wrapper.java.additional.1=-Djava.net.preferIPv4Stack=true

# Establishes a minimum number of rolling server.log backups to be maintained
wrapper.java.additional.2=-DApplicationRollingFileAppender.maxBackupIndex=10

# Ensure that classpath_frag is defined for service startup
wrapper.java.additional.3=-Dclasspath_frag=${classpath_frag}

# Java temporary directory (set WRAPPER_TMPDIR in ghidraSvr(.bat) script to modify this)
wrapper.java.additional.4=-Djava.io.tmpdir=${wrapper_tmpdir}

# JNA temporary directory (set WRAPPER_TMPDIR in ghidraSvr(.bat) script to modify this).
# Note that YAJSW relies on jna_tmpdir (underscore).  We set jna.tmpdir in case the Ghidra Server ever wants to do JNA.
wrapper.java.additional.5=-Djna.tmpdir=${wrapper_tmpdir}

# Limit server to specific TLS protocols for all secure connections.
# NOTE: multiple protocols must be separated with a semi-colon (e.g., TLSv1.2;TLSv1.3).
wrapper.java.additional.6=-Dghidra.tls.server.protocols=TLSv1.2;TLSv1.3

# A suitable cacerts file must be installed when using PKI authentication
#wrapper.java.additional.7=-Dghidra.cacerts=./Ghidra/cacerts

# If Ghidra clients must authenticate the server, the server will need to install
# a server key/certificate in a secure location (e.g., /etc/pki/...) 
# and specify the location and password via the properties below.
# Be sure to properly set permissions on the Ghidra installation and this file
# if using these settings.
#wrapper.java.additional.8=-Dghidra.keystore=
#wrapper.java.additional.9=-Dghidra.password=

# Enable/Disable use of compression for DataBuffer serialization and Block Streams
wrapper.java.additional.10=-Ddb.buffers.DataBuffer.compressedOutput=true

# Uncomment to enable remote debug support
# The debug address will listen on all network interfaces, if desired the '*' may be
# set to a specific interface IP address (e.g., 127.0.0.1) if you wish to restrict.
# During debug it may be necessary to increase timeout values to prevent the wrapper
# from restarting the server due to unresponsiveness.
#wrapper.java.additional.11=-Xdebug
#wrapper.java.additional.12=-Xnoagent
#wrapper.java.additional.13=-Djava.compiler=NONE
#wrapper.java.additional.14=-Xrunjdwp:transport=dt_socket\,server=y\,suspend=n\,address=*:18200
#wrapper.startup.timeout=0
#wrapper.ping.timeout=0

# Optional debug enablement instead of using the wrapper.java.additional arguments above
# This will cause application to start in a suspended state in debug mode and increase
# timeouts to their maximum values.
#wrapper.java.debug.port=18200

# Uncomment to enable remote use of jvisualvm for profiling
# See JMX documentation for more information: http://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html
#wrapper.java.additional.15=-Dcom.sun.management.jmxremote.port=9010
#wrapper.java.additional.16=-Dcom.sun.management.jmxremote.local.only=false
#wrapper.java.additional.17=-Dcom.sun.management.jmxremote.authenticate=false
#wrapper.java.additional.18=-Dcom.sun.management.jmxremote.ssl=false

# YAJSW will by default assume a POSIX spawn for Linux and Mac OS X systems, unfortunately it has 
# not yet been implemented for Mac OS X.  The default process support within YAJSW for Mac OS X is 
# broken so we must force the use of BSD process support which appears to work properly.  To enable 
# this mode of operation the wrapper.fork_hack option must be enabled and the wrapper.posix_spawn
# option explicitly disabled.  The ghidraSvr script will attempt to make these changes automatically
# for Mac OS X.
#wrapper.fork_hack=true

# Pipe server output to console/log
#wrapper.console.pipestreams=true

# Monitor for Deadlock
wrapper.java.monitor.deadlock = true

# Main server application class
wrapper.java.app.mainclass=ghidra.server.remote.GhidraServer

# Initial Java Heap Size (in MB)
wrapper.java.initmemory=396

# Maximum Java Heap Size (in MB)
# See svrREADME.txt file for advice (Server Memory Considerations)
wrapper.java.maxmemory=768

# Specify the directory used to store repositories. This directory must be dedicated to this 
# Ghidra Server instance and may not contain files or folders not produced by the 
# Ghidra Server or its administrative scripts.  Relative paths originate from the 
# Ghidra installation directory, although an absolute path is preferred if not using default.
# This variable is also used by the svrAdmin script.

ghidra.repositories.dir=./repositories

# Ghidra server startup parameters.  
#
# Command line parameters: (Add command line parameters as needed and renumber each starting from .1)
#						[-ip <hostname>] [-i #.#.#.#] [-p#] [-n]
#						[-a#] [-d<ad_domain>] [-e<days>] [-jaas <config_file>] [-u] [-autoProvision] [-anonymous] [-ssh]
#						<repository_path>
#
#   -ip <hostname> : identifies the remote access IPv4 address or hostname (FQDN) which should be 
#   	                used by remote clients to access the server.
#   	                 
#   -i #.#.#.# : server interface IPv4 address to listen on (default will listen on all interfaces).
#	
#   -p# : base TCP port to be used (default: 13100) [see Note 1]
#   
#   -n   : enable reverse name lookup for IP addresses when logging (requires proper configuration 
#          of reverse lookup by your DNS server)
#
#   -a# : an optional authentication mode where # is a value of 0, 1, 2, or 4
#         0 - Private user password
#         1 - Active Directory via Kerberos.  Requires -d<your.ad_domainname.tld>
#         2 - PKI Authentication
#         4 - JAAS Authentication.  See also -jaas <config_file>
#         
#   -d<ad_domain> : the Active Directory domain name.  Example: "-dmydomain.com"
# 
#   -e<days> : specifies initial/reset password expiration time in days (-a0 mode only, default is 1-day, 0 = no expiration)
#
#   -jaas <config_file> : specifies the path to the JAAS config file (when using -a4), relative
#                         to the ghidra/server directory (if not absolute).
#                         See jaas.conf for examples and suggestions.
#                         It is the system administrator's responsibility to craft their own 
#                         JAAS configuration directive when using the -a4 mode.
#   
#   -u   : enable users to be prompted for user ID (does not apply to -a2 PKI mode)
#   
#   -autoProvision : enable the auto-creation of new Ghidra Server
#                    users when they successfully authenticate to the server (-a1 and -a4 modes only).
#                    Users removed from the authentication provider (e.g., Active Directory) will need to be
#                    deleted manually from the Ghidra Server using svrAdmin command.
#
#   -anonymous : enables anonymous repository access (see svrREADME.html for details)
# 
#   -ssh : enables SSH authentication for headless clients
#
#   <repository_path> : Required.  Directory used to store repositories. This directory must be dedicated to this 
#                       Ghidra Server instance and may not contain files or folders not produced
#                       by the Ghidra Server or its administrative scripts.
#                       Relative paths originate from the installation directory
#   ${ghidra.repositories.dir} : config variable (defined above) which identifies the directory 
#                       used to store repositories.  Use of this variable to define the
#                       repositories directory must be retained.
wrapper.app.parameter.1=-a0
wrapper.app.parameter.2=${ghidra.repositories.dir}

# Establish server process owner
# This should only be used when installing as a service using a nologin
# local user account.  Establishing a suitable account is left as a
# system administration task.  NOTE: the use of this feature is not
# yet supported for Windows installations.
#wrapper.app.account=ghidra

#********************************************************************
# Service Wrapper Logging Properties
#********************************************************************
# Format of output for the console.  (See docs for formats)
wrapper.console.format=PM

# Log Level for console output.  (use INFO to see Ghidra Server activity)
wrapper.console.loglevel=INFO

# Provide additional wrapper debug logging info
#wrapper.debug=true

# Log file to use for wrapper output logging.
wrapper.logfile=wrapper.log

# Format of output for the log file.  (See docs for formats)
wrapper.logfile.format=LPTM

# Log Level for wrapper.log file output.  (See docs for log levels)
wrapper.logfile.loglevel=INFO

# Maximum size that the log file will be allowed to grow to before
#  the log is rolled. Size is specified in bytes.  The default value
#  of 0, disables log rolling.  May abbreviate with the 'k' (kb) or
#  'm' (mb) suffix.  For example: 10m = 10 megabytes.
wrapper.logfile.maxsize=10m

# Maximum number of rolled log files which will be allowed before old
#  files are deleted.  The default value of 0 implies no limit.
wrapper.logfile.maxfiles=10

#********************************************************************
# Service Wrapper Linux Properties
#********************************************************************
# Force initd (systemd had issues during testing on Ubuntu 21.04 with yajsw-13.00)
wrapper.daemon.system = initd

#********************************************************************
# Service Wrapper Windows Properties
#********************************************************************
# Title to use when running as a console
wrapper.console.title=Ghidra Server

#********************************************************************
# Service Wrapper Windows NT/2000/XP Service Properties
#********************************************************************
# WARNING - Do not modify any of these properties when an application
#  using this configuration file has been installed as a service.
#  Please uninstall the service before modifying this section.  The
#  service can then be reinstalled.

# Name of the service
wrapper.ntservice.name=ghidraSvr

# Display name of the service
wrapper.ntservice.displayname=Ghidra Server

# Description of the service
wrapper.ntservice.description=Repository server for Ghidra data files.

# Service dependencies.  Add dependencies as needed starting from 1
wrapper.ntservice.dependency.1=

# Mode in which the service is installed.  
wrapper.ntservice.starttype=AUTO_START

# Linux service daemon priority for Ghidra Server (start/stop)
# It is important that the network interface has started and any file-system
# dependencies are mounted prior to the Ghidra Server starting.
# NOTE: uninstall the Ghidra Server service using svrUninstall script before changing 
# the property wrapper.daemon.update_rc or wrapper.daemon.run_level_dir property.
wrapper.daemon.update_rc= 98 05

# Linux service daemon link directories
wrapper.daemon.run_level_dir=/etc/rcX.d

# Allow the service to interact with the desktop.
wrapper.ntservice.interactive=false

# Restart failed service after 1 minute delay
wrapper.ntservice.failure_actions.actions=RESTART
wrapper.ntservice.failure_actions.actions_delay=60000