Configuration reference

Every earlier chapter introduces its own handful of settings in context. This chapter collects them in one place so you can look one up without hunting: each is listed under the chapter that explains it, with its default and a one-line reminder of what it does. Read the chapter for the why; read this page for the what and the default.

How a setting is set

There are only a few ways a value reaches the server, and the table columns below assume you know which applies:

  • Server startup - an environment variable or a system property. Cloud credentials and the store root are environment variables (JENESIS_*); everything wire-level is a -Djenesis.repository.<key>=… system property. The tables use the short key (quota, auth, license-allowed); the full system property prepends jenesis.repository. to it.
  • Per repository - the console settings screen or the settings API. Most gate, provenance, search and maintenance dials are repository settings you edit live; the change takes effect on the next request, no restart.
  • Per run - a request body. A migration is configured in the POST that launches it, not by a standing key.

Where a key is both a repository dial and pinnable from above, the two meet with a clear rule:

A value pinned at startup (env var or -Djenesis.repository.<key>=…) wins over any stored per-repository edit. Pin the policy you want a deployment to hold to; leave the rest for a repository - or a tenant, where the key is tenant-overridable - to set for itself.

A capability being present is usually not a setting at all - it is whether its module is on the server's path (+source+store+s3, +source+proxy, source/oidc, …). Those toggles are noted in Architecture and each capability's chapter, not repeated here.

Value formats

Kind How you write it
Boolean true / false.
Duration ISO-8601 - PT10M (ten minutes), PT1H (an hour), P1D (a day), P7D (a week). One key, scan-interval-millis, is a plain millisecond count instead.
Byte count a plain number, or a K / M / G / T suffix (10GB).
Verdict ALLOW / QUARANTINE / REJECT.
List comma-separated, unless a key says otherwise.

Server & storage

Startup environment variables and system properties, read once when the server boots. See Getting started and Storage.

Key Default What it sets
JENESIS_STORE_ROOT (required for filesystem) Root directory of the filesystem store.
jenesis.repository.store (filesystem) Storage backend: unset = filesystem, s3, or azure-blob.
jenesis.repository.quota (unset - no cap) Storage cap; a new artifact is refused with 507 once stored blob bytes reach it. Byte count or K/M/G/T.
jenesis.repository.rate-limit (unset - no limit) Request ceiling in permits per minute, metered per tenant; excess sheds with 429 and a Retry-After. Actuator probes are never throttled.
SPRING_PROFILES_ACTIVE (none) Set to dev for the built-in admin/admin form login on a local run - never in production.

The tenant and repository of the fixed artifact space are jenesis.repository.tenant and jenesis.repository.repository, both defaulting to default - see Multi-tenancy & authentication below.

Cloud store credentials

Read only by the backend you select. See Storage.

Key Default What it sets
JENESIS_AWS_BUCKET (required for s3) Bucket for the S3-compatible backend.
JENESIS_AWS_ENDPOINT (AWS) Custom endpoint for a non-AWS S3 store (GCS, MinIO, Ceph).
JENESIS_AWS_ACCESS_KEY_ID (AWS chain) Explicit S3 access key; set together with the secret key, else the standard AWS credential chain is used.
JENESIS_AWS_SECRET_ACCESS_KEY (AWS chain) Explicit S3 secret key; set together with the access key.
JENESIS_AZURE_CONNECTION_STRING (required for azure-blob) Azure account connection string.
JENESIS_AZURE_CONTAINER (default container) Azure Blob container to use.
Pointing a build at the server is not a repository setting - it is a client knob: -Djenesis.maven.uri, -Djenesis.module.uri and -Djenesis.module.token on the consuming Jenesis or Maven build, covered in Getting started.

Formats

System property, read at startup. See Formats.

Key Default What it sets
jenesis.repository.maven-metadata-compute false Compute maven-metadata.xml on read from stored version folders instead of serving the published bytes verbatim.

Proxying & groups

Per-format system properties, read at startup. See Proxying & groups.

Key Default What it sets
jenesis.repository.proxy.<format> (unset - hosted-only) Upstream URL a proxy-capable format mirrors, keyed by its name (proxy.maven → Maven Central, proxy.oci → Docker Hub). Naming it turns the format into a pull-through mirror.
jenesis.repository.proxy-miss-ttl 60s How long a definite upstream 404 is remembered in the negative cache; 0 disables it.

The compliance gate

Per-repository dials - edit live, or pin from above. The verdict knobs and deny-list are tenant-overridable. See The compliance gate.

Licence

Key Default What it sets
license-allowed (empty) Comma-separated allowed licence tokens (SPDX id, name, URL or category); empty allows any identified licence.
license-denied (empty) Comma-separated forbidden tokens; a match is rejected. Deny wins over allow.
license-unknown QUARANTINE Verdict for an unidentifiable or undeclared licence.

Vulnerabilities & malware

Key Default What it sets
vulnerability-threshold NONE Fail at or above this CVSS band: NONE (off) / LOW / MEDIUM / HIGH / CRITICAL.
malware-action QUARANTINE Verdict for a package a feed marks malicious.
kev-action QUARANTINE Verdict for a known-exploited CVE, applied regardless of CVSS band.
immaturity-hold-days 0 Quarantine proxied artifacts an upstream published within this many days (proxy path only); 0 disables.

Deny-list & version floor

Key Default What it sets
deny-list (empty) Coordinates always refused: group:artifact, group:artifact:version, or group:*.
version-floor (empty) Minimum-version rules, one per coordinate or group:* (e.g. org.apache.logging.log4j:log4j-core >= 2.17.0).
version-floor-action REJECT Verdict for a coordinate below its floor.

Advisory feeds

Each feed is off until enabled; its endpoint has a default you rarely change.

Key Default What it sets
osv false Enable the OSV feed (CVSS-scored vulns and MAL- advisories).
github false Enable the GitHub Advisory Database (GHSA).
openssf false Enable the OpenSSF malicious-packages dataset only.
kev false Enable the CISA KEV known-exploited catalogue.
epss false Enable FIRST EPSS exploitation-probability scores (a ranking signal).
<feed>-endpoint (each feed's public endpoint) Override a feed's URL - osv-endpoint, github-endpoint, and so on - to point at a mirror or internal proxy.
github-token (none) Optional token for a higher GHSA rate limit.

Provenance

Per-repository settings. Provenance is off until you name a signer. See Provenance.

Key Default What it sets
provenance-signer (the one configured) Which signer runs when more than one is configured.
signing-key-path (none) PEM RSA private key for keyed signing; unset means no keyed signer.
keyless-fulcio-url (none) Fulcio CA that mints short-lived certificates; setting it enables keyless signing.
keyless-identity-token (none) A static OIDC identity token for the Fulcio exchange.
keyless-identity-token-path (none) A file holding the OIDC token, re-read on each exchange.
keyless-identity-token-env (none) An environment variable holding the OIDC token (the ambient-CI path).
keyless-rekor-url (none) Rekor transparency log for keyless attestations; unset serves them without a log entry.

Search & inventory

Per-repository settings; each capability is off until enabled. See Search & inventory.

Key Default What it sets
search-index false Build the background Lucene index of published coordinates (adds licence facets).
search-index-interval PT10M How often the search sweep rebuilds the index.
index false Publish the incremental, resumable index (chunks + descriptor).
index-interval P1D How often a new index chunk is published.
index-max-chunk 8388608 Maximum compressed bytes of one chunk before it rotates (8 MiB).
index-rebase-interval P7D How often a full-snapshot rebase resets the chunk chain for fresh consumers.

Maintenance

Per-repository settings; every pass is off until you enable it. See Maintenance.

Key Default What it sets
scheduled-cleanup false Run the retention/cleanup sweep on a timer (the on-demand endpoint works either way).
cleanup-interval PT1H How often the cleanup sweep runs.
cleanup-lease PT10M Time-to-live of the single-writer maintenance lease keeping a mutating sweep on one node.
keep-last 0 Retention: keep the N newest versions per coordinate; 0 = no count cap.
max-age (none) Retention: evict versions older than this duration.
prerelease-expiry (none) Retention: expire prereleases older than this duration (releases unaffected).
not-downloaded-for (none) Retention: evict versions not downloaded within this duration.
scheduled-scan false Re-scan every repository against the advisory feeds on a timer.
scan-interval-millis 3600000 How often the scheduled re-scan runs (a plain millisecond count - one hour).
kev-enforce true Retroactively quarantine an already-published artifact once its CVE reaches the KEV catalogue.
dependents-index false Build the reverse-dependency ("who depends on X") index in the background.
dependents-interval PT1H How often the dependents sweep runs.

The console's volume-reclaim target is set with two management-level keys - jenesis.ui.min-free-bytes and jenesis.ui.min-free-percent (the free-space floor a super-admin's reclaim aims for).


Multi-tenancy & authentication

Wire-gating system properties, read at startup before any tenant configuration. See Multi-tenancy & authentication.

Key Default What it sets
auth false Enforce the credential model. false leaves the server open - every request allowed.
tenant default The tenant of the fixed artifact space a single-tenant deployment serves. Multi-tenant routing reads it from the key instead.
repository default The repository of that fixed space. Multi-tenant routing reads it from the request path instead.

Finer controls - credential lifetime policy (a 90-day default, a hard ceiling, a rotation overlap of about a week), OIDC trusts (roughly an hour's minted-key TTL), custom roles, per-tenant quota and rate limit - are per-tenant data set through the management surface, not startup properties.


Publish-through forwarding

Per-repository settings; forward-targets is tenant-overridable. See Publish-through forwarding.

Key Default What it sets
forwarding false Forward accepted publishes to the configured targets on the background drain.
forward-targets (empty) Targets, one per line or ;-separated: <repository> <base-url> [transport] (* = every repository; transport defaults to replay).
forwarding-interval PT1M How often the outbox is drained.
forwarding-attempts 5 How many times a failing forward is retried before it is parked.
forwarding-marker jenesis The value of the X-Jenesis-Forwarded loop-guard header.

Central Portal transport

Surfaced when the forwarding-central module is installed.

Key Default What it sets
central-portal-publishing-type automatic automatic releases once Central validates; user-managed stops at VALIDATED for a manual release.
central-portal-poll-interval PT5S How long the drain waits between polls of a deployment's state.
central-portal-poll-timeout PT10M How long one delivery waits for a terminal state before the drain retries it later.

Migration & import

A migration is not a standing setting - it is configured in the body of the POST that launches it. See Migration & import.

Field Required What it sets
source yes Connector name: nexus, artifactory, or jenesis (whichever are on the path).
url yes The incumbent's base URL.
repository yes The source repository to walk.
format for artifactory The single package type of the source (maven2, docker, raw); Nexus and Jenesis report it per asset.
username / password if the source needs auth HTTP basic credentials (for a jenesis source, the API key is the password).
resume / cursor to continue A prior job's saved cursor, to pick up where an interrupted walk stopped.

The Maven importer honours the same maven-metadata-compute opt-in as the Maven format: with it on, a source maven-metadata.xml is dropped and regenerated from the imported version folders.


Observability

Standard Spring Boot management properties, set as system properties (-Dmanagement.…), environment variables, or in the deployment's configuration. See Observability.

Key Default What it sets
management.endpoints.web.exposure.include health,info,metrics Which Actuator endpoints are served; add prometheus to expose /actuator/prometheus.
management.endpoint.health.probes.enabled true Serve separate Kubernetes-style liveness and readiness probes.
management.endpoint.health.show-details when-authorized Show full health detail only to an authorised caller.
logging.level.build.jenesis.observation INFO Verbosity of the one-line-per-operation observation log; raise to WARN for failures only.
management.tracing.sampling.probability 0.0 Fraction of operations traced (1.0 = all); needs a tracing bridge on the module path.
management.otlp.tracing.endpoint (unset) Where to export spans over OTLP; unset exports nothing even when sampling is above zero.

The console

The console reads no settings of its own beyond the server ones already listed - SPRING_PROFILES_ACTIVE=dev for the local admin/admin login, and the jenesis.ui.* reclaim target under Maintenance. See The console.

The theme switch (Auto / Light / Dark) is a per-browser preference, not a server setting - it changes nothing another user sees.