Configuration

The on-premises installation has two major configuration points - the location of the Structurizr data directory, and configuration of the on-premises installation itself via a file inside the Structurizr data directory.

Structurizr data directory

The location of the Structurizr data directory can be configured in a number of ways:

  • An environment entry called structurizr/dataDirectory (e.g. configured in TOMCAT_HOME/conf/Catalina/localhost/ROOT.xml)
  • An environment variable named STRUCTURIZR_DATA_DIRECTORY
  • A JVM system property named structurizr.dataDirectory

If this is not set, the Structurizr data directory location will default to /usr/local/structurizr.

structurizr.properties

The following parameters can be set in a text file named structurizr.properties in your Structurizr data directory. Changing these parameters generally requires a restart of the on-premises installation.

Name Description
structurizr.url URL
If you are running the on-premises installation behind a load balancer and/or reverse-proxy (e.g. SSL termination is being handled upstream), or the pages served by the on-premises installation don't look right (e.g. styles are not loading, images are oversized, etc), you will likely need to set this property to explicitly tell the on-premises installation the URL you are using to access it. This should be a full URL, such as https://structurizr.example.com.
structurizr.encryption Server-side encryption passphrase
By default, workspace data is stored as plaintext on disk. Setting this property will enable server-side encryption. For better security (and to keep the encryption passphrase away from the encrypted files), we recommend specifying this property as an environment variable (STRUCTURIZR_ENCRYPTION) or a JVM system property (structurizr.encryption), rather than putting this in the structurizr.properties file. You may need to patch your Java installation with the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for encryption to work.
structurizr.authentication Authentication implementation
The name of the authentication implementation to use: file (default), ldap (see LDAP for more details), or saml (see SAML 2.0 for more details).
structurizr.admin Admin users and/or roles
By default, any authenticated user can create workspaces. If you would like to restrict who can create workspaces, set this property to a comma-separated list of usernames or roles that should have "admin" access.
structurizr.graphviz Graphviz integration
Whether the Graphviz integration should be enabled; true or false (default). If you would like to use the Graphviz integration for auto-layout, you will need to install Graphviz on your server (the dot command must be available from the command line).
structurizr.safeMode Safe mode
Whether HTML should be filtered from workspace content; true (default) or false.
structurizr.data Data storage implementation
The name of the data storage implementation to use: file (default) or aws-s3 (see Amazon Web Services S3 for more details).
structurizr.search Search implementation
The name of the search implementation to use: lucene (default), none, or elasticsearch (see Elasticsearch for more details).