返回顶部

Customize the Workflow Manager configuration file

在本主题中

  1. Administrative parameters
  2. Geoprocessing tool names that match Arcade expressions
  3. Configure a high-availability deployment
  4. Sample configuration file

需要 Workflow Manager 许可。

As an administrator, you can add and manage properties in the workflowManager.conf file to configure custom settings for ArcGIS Workflow Manager Server and the web app. After installing Workflow Manager, the configuration file is located at ~/.esri/WorkflowManager/<hostname>/workflowManager.conf.

注:

If your ArcGIS Enterprise system contains more than one ArcGIS Server machine with Workflow Manager Server, changes to the configuration file must be repeated in each instance of ArcGIS Server.

Administrative parameters

The following parameters can be modified to define custom attributes.

注:

If you are upgrading Workflow Manager, some parameters may not exist and must be manually added to the configuration file.

ParameterDescriptionExample format

LogRetentionPeriod

Controls the frequency of when log messages in the web app are deleted by the cleanup task. This property is set to seven days by default.

This property does not alter the frequency of when Workflow Manager Server logs are deleted.

LogRetentionPeriod = 7 days

allowUnsecureWebhooks

Controls whether incoming webhooks require header security. Starting at 11.2, this property is set to false by default.

警告:

Setting this property to true allows anyone with the webhook URL to create jobs in the web app.

allowUnsecureWebhooks = false

webRequestAllowLocal

Controls whether the Send Web Request step permits requests to localhost.

webRequestAllowlocal = false

webRequestAllowedProtocols

Controls which protocol is permitted during the Send Web Request step.

webRequestAllowedProtocols = ["https"]

webRequestBlockedHosts

Controls which hosts are blocked from receiving web requests during the Send Web Request step.

webRequestBlockedHosts = ["169.254.169.254/32", "127.0.0.1/32", "1/128"]

webRequestBlockedPorts

Controls which ports are blocked during the Send Web Request step.

webRequestBlockedPorts = ["80", "81"]

webRequestEnforceValidDomain

Blocks requests to hosts with an invalid top-level domain (TLD). This property is set to false by default.

webRequestEnforceValidDomain = false

webRequestRestrictedHeaders

Controls which request headers are blocked during the Send Web Request step.

webRequestRestrictedHeaders = ["Content-Length", "Content-Location", "Forwarded", "From", "Host", "Referer", "Referer-Policy", "User-Agent", "Via", "X-Forwarded-For", "X-Forwarded-Host", "X-Forwarded-Proto", "Strict-Transport-Security", "X-Frame-Options", "X-XSS-Protection", "X-Content-Type-Options", "Access-Control-Allow-Origin", "Content-Security-Policy", "Origin"]

Geoprocessing tool names that match Arcade expressions

If the name of a geoprocessing tool matches the name of an ArcGIS Arcade expression, such as Buffer or Clip, uncomment allowedList and add tool names that should not be evaluated as Arcade expressions. Alternatively, you can enclose the tool name in single or double quotation marks in the Run Pro GP Tool step's configuration.

Configure a high-availability deployment

For highly available Workflow Manager deployments, each machine must be configured to enable high availability.

注:

将装有 Workflow Manager Server 的 ArcGIS Server 计算机与 ArcGIS Enterprise 门户联合时,请将管理 URL 设置为可用于与站点中所有服务器通信的 URL。

  1. 在文本编辑器中打开 ~/.esri/WorkflowManager/<hostname>/workflowManager.conf 文件。
  2. 取消注释 workflowManager.conf 文件中的以下几行:
    • play.modules.disabled += "esri.workflow.utils.inject.LocalDataProvider"
    • play.modules.enabled += "esri.workflow.utils.inject.DistributedDataProvider"

    如果 workflowManager.conf 文件中不存在这些行,请将它们添加到文件底部。

  3. 保存文件。
  4. 重新启动 ArcGIS Workflow Manager Server 服务。
  5. 对每台 Workflow Manager Server 计算机重复这些步骤。

    Workflow Manager Server 现已配置高可用性。

Sample configuration file

The following is a sample Workflow Manager configuration file that can be used or referenced in your system:

#########################################################
# Workflow Manager configuration settings
# Set any user-defined configuration options in this file
#########################################################

include "application.conf"

wmx {
  arcadeExpressionTimeout = 10 seconds

  featureBatchSize = 100

  webRequestTimeout = 1 minute

  webhookTokenExpiration = 30 minutes

  webhookMaxAttachmentSize = 10m

  logRetentionPeriod = 7 days

  jobAutoExecutionLimit = 25

  // Note: Using unsecured webhooks will allow anyone that can access the webhook URL to create jobs
  allowUnsecureWebhooks = false

//  webRequestAllowLocal = true
//  webRequestAllowedProtocols = ["http", "https"]
//  webRequestBlockedHosts = ["169.254.169.254/32"]
//  webRequestBlockedPorts = []
//  webRequestEnforceValidDomain = false
//  webRequestRestrictedHeaders = ["Content-Length", "Content-Location", "Forwarded", "From", "Host", "Referer", "Referer-Policy", "User-Agent", "Via", "X-Forwarded-For", "X-Forwarded-Host", "X-Forwarded-Proto", "Strict-Transport-Security", "X-Frame-Options", "X-XSS-Protection", "X-Content-Type-Options", "Access-Control-Allow-Origin", "Content-Security-Policy", "Origin"]
}

// Uncomment to modify the allowedList of GP Tool names that are also Arcade functions
// wmx.steps.proGP {
//   allowedList = []
// }

// The following settings can be used to modify security settings

// Uncomment this to modify the allowed cipher suites. Can use same options as ArcGIS Server
//pekko.ssl-config.enabledCipherSuites = [
//  "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
//  "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
//  "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
//  "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
//  ]

// Uncomment this to modify the allowed TLS protocols
//pekko.ssl-config.enabledProtocols = [
//  "TLSv1.2",
//  // "TLSv1.1", // Deprecated - only use if absolutely required
//  // "TLSv1" // Deprecated - only use if absolutely required
//]

// Uncomment this to enable CORS
//play.filters.enabled += "play.filters.cors.CORSFilter"
//play.filters.cors {
//  pathPrefixes = ["/workflow"]
//  allowedOrigins = ["https://www.example.com", ...]
//  allowedHttpMethods = ["GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS"]
//  allowedHttpHeaders = ["Accept", "Accept-Language", "Content-Language", "Content-Type"]
//  preflightMaxAge = 1 day
//}

// Uncomment the following lines to configure site to support multi-machine deployments
// play.modules.disabled += "esri.workflow.utils.inject.LocalDataProvider"
// play.modules.enabled += "esri.workflow.utils.inject.DistributedDataProvider"

// This can be used to change the maximum file size for attachments.
// If file sizes larger than 500MB are required, the hosted feature layer for the workflow item will also
// need to be updated in addition to this parameter. See the Workflow Manager documentation for more information.
// play.http.parser.maxDiskBuffer = 500m

// This can be used to change the max allowable POST body size
//play.http.parser.maxMemoryBuffer = 2m

相关主题

  • 使用 Survey123 webhook 创建作业
  • 使用 Webhook 创建作业
  • 发送 Web 请求
  • 运行 Pro GP 工具

有关此主题的反馈?

在本主题中
  1. Administrative parameters
  2. Geoprocessing tool names that match Arcade expressions
  3. Configure a high-availability deployment
  4. Sample configuration file