1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
(server)=
# Server configuration
The Incus server can be configured through a set of key/value configuration options.
The key/value configuration is namespaced.
The following options are available:
- {ref}`server-options-core`
- {ref}`server-options-acme`
- {ref}`server-options-cluster`
- {ref}`server-options-images`
- {ref}`server-options-loki`
- {ref}`server-options-misc`
- {ref}`server-options-oidc`
- {ref}`server-options-openfga`
See {ref}`server-configure` for instructions on how to set the configuration options.
```{note}
Options marked with a `global` scope are immediately applied to all cluster members.
Options with a `local` scope must be set on a per-member basis.
```
(server-options-core)=
## Core configuration
The following server options control the core daemon configuration:
% Include content from [config_options.txt](config_options.txt)
```{include} config_options.txt
:start-after: <!-- config group server-core start -->
:end-before: <!-- config group server-core end -->
```
(server-options-acme)=
## ACME configuration
The following server options control the {ref}`ACME <authentication-server-certificate>` configuration:
% Include content from [config_options.txt](config_options.txt)
```{include} config_options.txt
:start-after: <!-- config group server-acme start -->
:end-before: <!-- config group server-acme end -->
```
(server-options-oidc)=
## OpenID Connect configuration
The following server options configure external user authentication through {ref}`authentication-openid`:
% Include content from [config_options.txt](config_options.txt)
```{include} config_options.txt
:start-after: <!-- config group server-oidc start -->
:end-before: <!-- config group server-oidc end -->
```
(server-options-openfga)=
## OpenFGA configuration
The following server options configure external user authorization through {ref}`authorization-openfga`:
% Include content from [config_options.txt](config_options.txt)
```{include} config_options.txt
:start-after: <!-- config group server-openfga start -->
:end-before: <!-- config group server-openfga end -->
```
(server-options-cluster)=
## Cluster configuration
The following server options control {ref}`clustering`:
% Include content from [config_options.txt](config_options.txt)
```{include} config_options.txt
:start-after: <!-- config group server-cluster start -->
:end-before: <!-- config group server-cluster end -->
```
(server-options-images)=
## Images configuration
The following server options configure how to handle {ref}`images`:
% Include content from [config_options.txt](config_options.txt)
```{include} config_options.txt
:start-after: <!-- config group server-images start -->
:end-before: <!-- config group server-images end -->
```
(server-options-loki)=
## Loki configuration
The following server options configure the external log aggregation system:
% Include content from [config_options.txt](config_options.txt)
```{include} config_options.txt
:start-after: <!-- config group server-loki start -->
:end-before: <!-- config group server-loki end -->
```
(server-options-misc)=
## Miscellaneous options
The following server options configure server-specific settings for {ref}`instances`, {ref}`OVN <network-ovn>` integration, {ref}`Backups <backups>` and {ref}`storage`:
% Include content from [config_options.txt](config_options.txt)
```{include} config_options.txt
:start-after: <!-- config group server-miscellaneous start -->
:end-before: <!-- config group server-miscellaneous end -->
```
(server-options-user)=
## User options
Additional user defined configuration keys are available within the `user.` namespace.
Note that keys starting with `user.ui.` are used for web UI configuration options and are visible even to unauthenticated users.
|
