Changing iTop Settings
All iTop configuration settings are stored in the file
config-itop.php
in the conf/production
directory inside the iTop installation directory. Changing a
parameter has an immediate effect on iTop, there is no need to
restart the web server, just refresh the iTop web page in your
browser to take into account the new parameter(s).
Refer to the chapter “Configuration parameters” for the full list of configuration parameters.
Hereafter are described a few usages that can be made of the configuration parameters.
Setting iTop in ready-only mode
It is sometimes desirable (while performing some maintenance tasks for example) to make the iTop application read-only. Since version 1.0.2, two parameters can be used to control:
-
whether or not the application is read-only (and for who)
-
which message is displayed when the application is read-only.
These 2 parameters are: access_mode and access_message.
The parameter access_mode can take one of the following values:
Access_mode value | Actual value | Effect |
---|---|---|
ACCESS_READONLY | 0 | The application is read-only for all users. The users can browse the application but nothing will be written to the MySQL database. |
ACCESS_ADMIN_WRITE | 2 | Only administrator users can write into the database. The application is in read-only mode for all other users. |
ACCESS_FULL | 3 | All users can write into the database. This is the default mode. |
Example:
'access_mode' => ACCESS_ADMIN_WRITE, 'access_message' => '(maintenance until 2PM)',
This results in the following display in iTop:
Accessing iTop from different URLs
Under some circumstances, it may be helpful to access the same instance of iTop from different URLs. (For example from the intranet for users within the company and from internet for customers).
One possibility is to install two iTop instances pointing to the same database. This allows to have a complete control over all parameters, but increases the maintenance effort to keep the two instances in sync (same version of iTop, consistent parameters…).
Another possibility is to put some code in the configuration file to adjust the settings depending on some server parameter. Since the configuration file is a PHP file that is loaded (i.e. evaluated) on each 'page', the settings can be fully dynamic.
For example, imagine you have a reverse proxy that controls the access to iTop, and you want all Internet users to access iTop using HTTPS (secure) and intranet users to connect through http (faster). You can do the following:
-
From internet :
-
Add a rule to redirect all HTTP traffic on HTTPS
-
Add a specific header in HTTPS virtualhost config :
-
APACHE :
RequestHeader set HTTPS On
-
NGINX :
proxy_set_header HTTPS On;
-
-
From intranet :
-
Add a rule to redirect all HTTPS traffic on HTTP
-
-
Set the following value in the config file for
app_root_url
:
'app_root_url' => (isset($_SERVER['HTTP_HTTPS']) && ($_SERVER['HTTP_HTTPS'] == 'On')) ? 'https://itop.yourdomain/' : 'http://itop.yourdomain/',
Other combinations are possible: in PHP the
$_SERVER
and $_COOKIES
variables are
accessible.
For example: If you can access iTop either from https://itop.company.com/itop
or
https://public-itop.company.com/itop
, you can
put the following piece of PHP code in the configuration file:
'app_root_url' => 'https://'.(isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'itop.company.com').'/itop',