|
|
@@ -0,0 +1,22 @@
|
|
|
+# Path to a custom java executable. By default the java executable of the
|
|
|
+# bundled JVM is used.
|
|
|
+#JAVA=/usr/bin/java
|
|
|
+
|
|
|
+# Default Java options for heap and garbage collection.
|
|
|
+GRAYLOG_SERVER_JAVA_OPTS="-Xms1g -Xmx1g -server -XX:+UseG1GC -XX:-OmitStackTraceInFastThrow"
|
|
|
+
|
|
|
+# Avoid endless loop with some TLSv1.3 implementations.
|
|
|
+GRAYLOG_SERVER_JAVA_OPTS="$GRAYLOG_SERVER_JAVA_OPTS -Djdk.tls.acknowledgeCloseNotify=true"
|
|
|
+
|
|
|
+# Fix for log4j CVE-2021-44228
|
|
|
+GRAYLOG_SERVER_JAVA_OPTS="$GRAYLOG_SERVER_JAVA_OPTS -Dlog4j2.formatMsgNoLookups=true"
|
|
|
+
|
|
|
+# Use custom keystore for self signed certificate
|
|
|
+GRAYLOG_SERVER_JAVA_OPTS="$GRAYLOG_SERVER_JAVA_OPTS -Djavax.net.ssl.trustStore=/etc/ssl/certs/java/cacerts"
|
|
|
+
|
|
|
+# Pass some extra args to graylog-server. (i.e. "-d" to enable debug mode)
|
|
|
+GRAYLOG_SERVER_ARGS=""
|
|
|
+
|
|
|
+# Program that will be used to wrap the graylog-server command. Useful to
|
|
|
+# support programs like authbind.
|
|
|
+GRAYLOG_COMMAND_WRAPPER=""
|
