fit.ini

This document provides an overview of the configuration settings that can be set in the file conf/fit.ini or in .ini files in the directory conf/fit.ini.d/.

Configuration settings are written line-by-line with the following syntax. Lines beginning with a semicolon are considered comments. Blank lines are ignored:

; Comment
;
string_setting = "a string value"
boolean_setting = false
numeric_setting = 42

Each configuration setting has one of the following types:

Type Allowed values Examples
Boolean a Boolean truth value true, false
Number any natural number, including 0 0, 42, 4194304
String a string of characters enclosed in double quotes "", "localhost"
Regular Expressions A string containing a list of regular expressions, including delimiters and modifiers, separated by spaces. "|https?://example\.com| #example\.(net|org)#i"

The fitadmin command line tool in /opt/sevenval/fit14/bin allows easy access to all configuration settings.

# fitadmin config list

outputs a list of all configuration settings. To get a specific value use fitadmin config get, e.g.

# fitadmin config get FIT_HTTP_PROXY

The following sections describe all supported configuration settings. See also the commented configuration file conf/fit.ini.

General settings

Setting Type Default value
FIT_VHOST_DEFAULT_IP String "*"
FIT_USER String "fit-data"
FIT_INSTALLATION_ROLE String ""
  • FIT_VHOST_DEFAULT_IP: The IP address used for the Apache virtual hosts. After changing this value you have to execute fitadmin config generate to update the Apache configuration in conf/include/listen.conf and conf/vhosts. (see domain configuration.
  • FIT_USER: The Unix user to start the FIT Server with. If your FIT Server binds to ports lower than 1024, the value must be "root". If your FIT Server only uses ports from 1024 upwards, we recommend setting this to a non privileged user of the fit-data group, for example "fit-data".
  • FIT_INSTALLATION_ROLE: This setting is used to distinguish production systems from staging or development servers. Its value is accessible in the delivery context as server/role. You can use it in AI filters or to change the flow you are using. For example, you could use placeholder ads when you are on a devel installation.

Debugging

Setting Type Default value
FIT_ALLOW_DEBUG_LOGGING Boolean false
FIT_DEFAULT_ENGINE_DEBUG String ""
FIT_DEBUG_LOGGING_WHITELIST Regular Expressions ""
FIT_DEBUG_AUTH_USER String ""
FIT_DEBUG_AUTH_PASSWORD String ""
FIT_STRICT_CONFIG Boolean false
FIT_VERBOSE_EXCEPTIONS Boolean false
FIT_DEPRECATION_EXCEPTIONS Boolean false
FIT_STRICT_IMAGE_PROCESSING Boolean false
  • FIT_ALLOW_DEBUG_LOGGING: Setting this to true enables debugging by way of the URL mark d=…. On production systems, this is usually set to false.
  • FIT_DEFAULT_ENGINE_DEBUG: Controls which information is included in the debug output, e.g. errorlog-fetch-info.
  • FIT_DEBUG_LOGGING_WHITELIST: Defines which clients are allowed to see debug output via the URL Mark d=…. The regular expressions are matched against the client’s IP address.
  • FIT_DEBUG_AUTH_USER: Clients not authorized by FIT_DEBUG_LOGGING_WHITELIST may authenticate themselves with this user name and the password defined by FIT_DEBUG_AUTH_PASSWORD.
  • FIT_DEBUG_AUTH_PASSWORD: The password used for authentication.
  • FIT_STRICT_CONFIG: Enables the strict XML validation of the site configuration files. If enabled and a site configuration file is not well-formed, the FIT Engine will terminate with an exception.
  • FIT_VERBOSE_EXCEPTIONS: Enables the output of the detailed exception messages in case of fatal errors. If enabled, the exception messages are visible to all users. On production systems, this setting should usually be left disabled, i.e. set to “false”. If disabled (false), no EXCEPTION placeholder is available in the exceptions template.
  • FIT_DEPRECATION_EXCEPTIONS: Enables the strict deprecation handling. If enabled, the usage of deprecated features terminates with an error. On production systems, this setting should usually be left disabled, i.e. set to “false”.
  • FIT_STRICT_IMAGE_PROCESSING: Enables the strict image processing. If enabled, errors during image processing will terminate the request. If disabled (default), the original image will be used in case of errors and the client will always receive an image.

Refer to the debugging documentation for details.

Security

Setting Type Default value
FIT_ALLOW_OPEN_ACL Boolean true
  • FIT_ALLOW_OPEN_ACL: Allows to use the option allow-all="true" in sites’ acl.xml.

FIT Engine

Setting Type Default value
FIT_FETCH_DEFAULT_TIMEOUT Number 3
FIT_FETCH_DEFAULT_CONNECT_TIMEOUT Number 0
FIT_FETCH_MAX_TIMEOUT Number 20
FIT_FETCH_DEFAULT_LOW_SPEED_TIMEOUT Number 0
FIT_USE_PERSISTENT_CONNECTIONS Boolean true
FIT_MAX_TIMEOUT_PROCESSES Number 30
FIT_MAX_IMAGE_AREA Number 8
FIT_ALLOW_TRANSPORT_MAPPING Boolean false
FIT_USE_XSLT_CACHE Boolean true
FIT_MAX_CONTENT_SIZE Number 15
FIT_MAX_PARSE_SIZE Number 4
FIT_MAX_IMAGE_PROCESSES Number 0
  • FIT_FETCH_DEFAULT_TIMEOUT: Default timeout in seconds for outgoing HTTP requests. May be overridden in fit://site/conf/sources.xml or in a request action. The maximum allowed timeout is limited by FIT_FETCH_MAX_TIMEOUT.
  • FIT_FETCH_DEFAULT_CONNECT_TIMEOUT: Default connection timeout in seconds for outgoing HTTP requests. May be overridden in fit://site/conf/sources.xml or in a request action. If set to 0, the value of FIT_FETCH_DEFAULT_TIMEOUT is used. The maximum permitted timeout is limited by FIT_FETCH_MAX_TIMEOUT.
  • FIT_FETCH_MAX_TIMEOUT: Maximum allowed time in seconds for outgoing HTTP requests.
  • FIT_FETCH_DEFAULT_LOW_SPEED_TIMEOUT: Default timeout in seconds for slow (“low-speed”) outgoing HTTP requests. May be overridden in fit://site/conf/sources.xml or in a request action.
  • FIT_USE_PERSISTENT_CONNECTIONS: Can be used to disable HTTP persistent connection (HTTP keepalive) for communication with all origin servers.
  • FIT_MAX_TIMEOUT_PROCESSES: Specifies how many PHP-FPM processes are allowed to wait for slow sources at any one time. The lower the threshold value, the earlier slow sources will be blocked.
  • FIT_MAX_IMAGE_AREA: Maximum size of an output image in megapixels for the Image Compression and Image Scaling.
  • FIT_ALLOW_TRANSPORT_MAPPING: Allow sites to change transport parameters of source requests, such as protocol, hosts or ports.
  • FIT_USE_XSLT_CACHE: If set to false, no compiled XSLT stylesheets will be cached. On production systems, this should be left at the default value true.
  • FIT_MAX_PARSE_SIZE: Maximum input size for the HTML/XML parser in megabytes. Set to prevent excessive CPU usage when processing large DOMs. If the given size is exceeded, the request terminates with an error. Make sure the value is large enough to parse your configuration files (flow.xml, sources.xml etc.) – we recommend a minimum of 1 megabyte.
  • FIT_MAX_CONTENT_SIZE: Maximum input size for optimizations of any type of content in megabyte (MiB). Set to prevent excessive CPU usage when processing large files. If the given size is exceeded, the input file is passed through unchanged.
  • FIT_MAX_IMAGE_PROCESSES: If set to a value greater than 0, establishes an upper limit for the number of concurrently running image optimization processes. Use to prevent excessive CPU usage when optimizing images. While the given number of processes is reached, no further images will be optimized until one or more running optimization process have finished, i.e. the current best available version of the image - which may be the unmodified original - will be delivered to the client.

Since FIT uses mod_proxy_fcgi to communicate with php-fpm, the ProxyTimeout setting of the Apache httpd limits the overall time FIT may take to deliver a result. If it is exceeded, a 503 (Service Unavailable) response may be displayed. The value should at least be slightly larger than the FIT_FETCH_MAX_TIMEOUT. Note that FIT may execute multiple requests sequentially, each of which may take FIT_FETCH_MAX_TIMEOUT seconds, and may additionally take max_execution_time seconds on top of that to compute the output.

Proxy

Setting Type Default value
FIT_HTTP_PROXY String ""
FIT_HTTP_PROXY_USER String ""
FIT_HTTP_PROXY_PASS String ""
FIT_NO_PROXY_LOCATIONS Regular Expressions ""
  • FIT_HTTP_PROXY: Address of the proxy via which all external resources are loaded, e.g. http://127.0.0.1:3128.
  • FIT_HTTP_PROXY_USER: User name, if the proxy specified by FIT_HTTP_PROXY requires authentication.
  • FIT_HTTP_PROXY_PASS: Password used for proxy authentication.
  • FIT_NO_PROXY_LOCATIONS: Specify resources that should not be loaded via the proxy (FIT_HTTP_PROXY) with a list of regular expressions. The expressions are whitespace separated and have to have delimiters. They are matched against the request URL (from scheme to query string).
    For example, use #^https://# to bypass the proxy for HTTPS requests. With ;^http://[^:/]:(?!80)/; requests to origins with ports other than 80 will bypass the proxy. You can combine multiple patterns and the delimiters are at your choice: #foo# /bar/. Keep in mind to anchor your expressions, otherwise #example\.com# would also match http://evil.com/?example.com.

Server Status

Setting Type Default value
FIT_STATUS_URL String ""
  • FIT_STATUS_URL: URL at which the server status can be accessed, e.g. http://127.0.0.1:8880/