Users configure the Cute server Startup, Business, and Enterprise editions using a configuration file with the INI file format.
Users configure the Cute server Startup, Business, and Enterprise editions with a text file in the INI format. Users can set the configuration file's location on disk with a command-line option. Otherwise, Cute assumes that a configuration file named cute-server.conf is located in the application directory.
The configuration file is an INI text file. This file must have a section named 'Common' and at least one listener. Users configure listeners in sections named 'Listener.*', where * is one or more letters [a-z, A-Z], digits [0-9], spaces or points. Thus, Listener.StatsBackend, Listener.1, and Listener.AnythingGoes are valid names, while Listener.stats_backend and Listener. are not. Any other section name is not allowed. Thus, the INI configuration file has the following sections:
| Key | Value |
|---|---|
| Common | section containing server-wide information |
| Listener.* | sections configuring different listeners. |
The Common section has the following entries:
| Key | Description | Default Value | Is Optional |
|---|---|---|---|
| licenseFilePath | The file path of the file containing the product key. | "" | Y |
| logTo | A string containing the file path of the log file, or equal to either "disabled", or "syslog". | syslog | Y |
| logLevel | A string equal to either "Debug", "Info", "Warning", "Critical", or "Fatal". | Warning | Y |
| maxLogFileSizeInBytes | The maximum size in bytes of log files. Only applicable when logging to a file. | 100000000 | Y |
| maxPreviousLogFilesToKeep | The maximum number of previous log files to keep. Only applicable when logging to a file. | 10 | Y |
| pidFile | A string containing the file path to store the process's PID value. | "" | Y |
| remoteObjectsLib | A string containing the file path of the remote objects library to load. (see Exposing remote objects for more information.) | "" | N |
| workerCount | An integer containing the number of workers that the server should use. When set to -1, the server uses as many workers as available cores. Incompatible with the workersAffinity entry. | -1 | Y |
| workersAffinity | An array of integers. The server creates as many workers as the size of this array. The array's values are used as CPU IDs to pin the workers. Incompatible with the workerCount entry. The Cute server Enterprise edition uses BPF to ensure packet locality when processing network data. For all other server editions, this key has the same effect as specifying the workerCount key with a value equal to the size of this array. | an empty array. | Y |
and the Listener.* sections have the following entries:
| Key | Description | Default Value | Is Optional |
|---|---|---|---|
| address | IPV4/IPV6 address to listen to. | "" | N |
| port | Port number to listen to (must be an integer between 1 and 65535). | 0 | N |
| certificate | A string containing the file path of the SSL certificate used to encrypt the connection. The privateKey key must contain the file path of the private key associated with this certificate. | "" | Y |
| certificateEncodingFormat | A string containing the encoding format of the SSL certificate. It must be either "DER" or "PEM". | "PEM" | Y |
| privateKey | A string containing the file path of the private key associated with the certificate specified in the certificate key. | "" | Y |
| privateKeyAlgorithm | A string containing the private key algorithm. It must be either "RSA", "DSA", or "EC". | "RSA" | Y |
| privateKeyEncodingFormat | A string containing the encoding format of the private key. It must be either "DER" or "PEM" | "PEM" | Y |
| addDefaultCaCerts | A boolean value. If true, the server adds the system CA Certificates to the list of CA Certificates used for encrypted connections. | true | Y |
| twoWaySSL | A boolean value. If true, the server will verify the peer (the client must send a certificate to the server to prove its identity). | false | Y |
| caCertificates | An array of strings containing the file paths of the certificates that the server should add to the list of CA Certificated that the server uses for encrypted connections. | empty array | Y |
| ciphers | An array of strings containing the name of the ciphers that the server should use for encrypted connections. | ciphers returned by QSslConfiguration::supportedCiphers. | Y |
| ellipticCurves | An array of strings containing the name of the elliptic curves that the server should use for encrypted connections. | elliptic curves returned by QSslConfiguration::supportedEllipticCurves. | Y |
| dhParametersFile | A string containing the file path of a file containing Diffie-Hellman parameters. | 1024-bit MODP group from RFC 2409 | Y |
| tlsProtocol | A string containing the TLS protocol that the server should use for encrypted connections. Must be either "1.0", "1.1", "1.2", or "1.3". | "1.2" | Y |
| acceptNewerTlsProtocols | A boolean value. If true, the server accepts TLS protocols newer than the TLS protocol specified by "tlsProtocol" or the default TLS protocol. | true | Y |
| maxRequestSizeInBytes | The maximum request size in bytes that the server is allowed to accept. | 8192 | Y |
| connectionTimeoutInSecs | The time in seconds that the server keeps a connection without receiving any data before dropping it. If -1, the connection never expires. | -1 | Y |
| sslHandshakeTimeoutInSecs | The time in seconds that clients have to finish the SSL handshake before the server drops the connection. | 20 | Y |
| requestTimeoutInSecs | The time in seconds that clients have to send a complete message to the server before the server drops the connection. | 30 | Y |
| remoteObjectConnectionTimeoutInSecs | The time in seconds that clients have to establish connections to remote objects before the server drops the connection. | 20 | Y |
| cuteHandshakeTimeoutInSecs | The time in seconds that clients have to complete the Cute handshake before the server drops the connection. | 20 | Y |
| proxyProtocolTimeoutInSecs | The time in seconds that proxies have to send the proxy header to the server before the server drops the connection. | 20 | Y |
| websocketHandshakeTimeoutInSecs | The time in seconds that clients have to complete the WebSocket handshake before the server drops the connection. | 20 | Y |
| proxyAddressHeader | The name of the HTTP header that the proxy uses to pass client information. The proxy uses the header value to write the proxy's address on its connection with the client. | "" | Y |
| proxyPortHeader | The name of the HTTP header that the proxy uses to pass client information. The proxy uses the header value to write the proxy's port on its connection with the client. | "" | Y |
| proxiedAddressHeader | The name of the HTTP header that the proxy uses to pass client information. The proxy uses the header value to write the client's address on its connection with the proxy. | "" | Y |
| proxiedPortHeader | The name of the HTTP header that the proxy uses to pass client information. The proxy uses the header value to write the client's port on its connection with the proxy. | "" | Y |
| enableProxyProtocol | A boolean value. The server expects a proxy header to be sent on new connections if true. If true and the server does not receive a proxy header, the server drops the connection. Both protocol versions 1 and 2 are supported. | false | Y |
| maxConnections | An integer value that specifies the maximum number of connections that the Listener should allow. If -1, no limits are enforced. | -1 | Y |
| compress | A boolean value. If true, then the server compresses messages. This key does not affect HTTP-based interaction. | false | Y |
| compressMinSizeInBytes | An integer specifying the size threshold below which the server does not compress messages. Value is in bytes. This key does not affect HTTP-based interaction. | 1200 | Y |
| maxRemoteObjectsPerConnection | The maximum number of remote objects that the server should allow on the WebSocket connections. The server drops the connection if the client tries to create a remote object beyond this limit. | 256 | Y |
| maxRemoteSignalSlotConnectionsPerRemoteObject | The maximum number of remote signal slot connections that the server should allow for remote objects. | 64 | Y |
The configuration file below shows a configuration file that sets three listeners per thread. One listens on all IPV4 addresses, one listens on IPV4 localhost, and the last one listens on all IPV6 addresses.
[Common] logTo = /var/log/cute-server.log logLevel = Info pidFile = /var/run/cute-server.pid remoteObjectsLib = /usr/share/cute/cute_remote_objects_lib.so workerCount = -1 [Listener.AllIPV4] address = 0.0.0.0 port = 8443 certificate = /etc/letsencrypt/live/my_domain/fullchain.pem privateKey = /etc/letsencrypt/live/my_domain/privkey.pem addDefaultCaCerts = true caCertificates = /opt/siliconfleet/ssl/client/client-cert.pem ciphers = "ECDHE-ECDSA-AES256-GCM-SHA384", "ECDHE-RSA-AES256-GCM-SHA384", "ECDHE-ECDSA-CHACHA20-POLY1305" ellipticCurves = "prime256v1", "secp384r1", "secp521r1" dhParametersFile = /opt/siliconfleet/dh_file tlsProtocol = 1.2 acceptNewerTlsProtocols = true maxRequestSizeInBytes = 8000 connectionTimeoutInSecs = 100 sslHandshakeTimeoutInSecs = 20 requestTimeoutInSecs = 20 remoteObjectConnectionTimeoutInSecs = 20 enableProxyProtocol = false [Listener.IPV4LocalHost] address = 127.0.0.1 port = 9080 maxRequestSizeInBytes = 8000 connectionTimeoutInSecs = 100 [Listener.AllIPV6] address = :: port = 2280
The Cute server Startup, Business, and Enterprise editions accept configuration-line options for information or configuration purposes that are mutually exclusive. Below are the command-line options used for information purposes (it is not allowed to combine command-line options used for information purposes):
| Command Line Option | Description |
|---|---|
| -h, --help | Show help message and exit. |
| -v, --version | Show version and exit. |
| -c, --ciphers | Show available ciphers for SSL-encrypted connections and exit. |
| -e, --elliptic-curves | Show available elliptic curves for SSL-encrypted connections and exit. |
| -s, --ca-certs | Show default CA certificates for SSL-encrypted connections and exit. |
| -t, --validate-conf-file <file> | Validate given configuration <file> and exit. If no <file> is given, validates configuration file located at the folder that contains the server executable. |
Below are the command-line options used for configuration purposes (it is allowed to combine command-line options used for configuration purposes):
| Command Line Option | Description |
|---|---|
| -n, --no-daemon | Runs server as an app. |
| -f, --conf-file <file> | Uses <file> as the server's configuration file. |