Skip to content

Server Configuration Options

The configuration options for AIC are stored in the server.cfg XML file found in the 'configuration' directory of the installation.
This file can be manually modified to add/remove optional settings, but some settings within this file are required.
Please note that all setting names are case sensitive.

The settings are split into various different sections as different XML tags.

ServerInfo

The ServerInfo settings relate to the basic web address and port upon which AIC can be communicated with. The settings are required; if they are missing, AIC will fail to start.

  • HostName
    • This specifies the network name of the machine on which AIC is running, e.g. localhost, an IP address or Server1
    • The default value is localhost, although it is recommended to change this to avoid SSL certificate warnings/errors
  • Port
    • The port on which AIC should listen.
    • The default value is 9090.

DatabaseConfiguration

The Database Configuration settings deal with connections to the SQL database used by AIC. The settings that are required in this section are:

  • DBHost
    • The name of the machine running the SQL server that should be used by AIC.
    • Defaults to localhost
  • DBPort
    • The port that AIC should used to communicate with the SQL server.
    • Defaults to 3306
  • UserName
    • The name of the User to use when connecting to the SQL server.
    • Defaults to 'root'
    • It is recommended to change this, although the User will need full read/write access to the Database being used by AIC.
  • Password
    • The password of the User used when connecting to the SQL server
    • Defaults to 'changeme'
    • It is recommended to change this.

The above settings are all needed; if they are not all present in the configuration file, AIC will fail to start.
Additionally, there are some settings that can be added to further customise the database configuration. If these settings are not present in the server.cfg file, the specified default value will be used by AIC.

  • DBName
    • The name of the database that will be used by AIC.
    • Defaults to 'aic'
    • e.g. <DBName>MyDatabase</DBName>
  • RedisHost
    • The name of the machine running the Redis database required by AIC.
    • Defaults to localhost, i.e. the machine running AIC
    • e.g. <RedisHost>192.168.4.55</RedisHost>
  • RedisPort
    • The port used by the Redis database used by AIC.
    • Defaults to 6379
    • e.g. <RedisPort>1234</RedisPort>

  • SessionPool

    • This setting is used to customise the number of active connections to the SQL database that AIC maintains. Changing these values can help to optimise the memory usage and/or speed of obtaining connections to the Database.
    • Available settings within SessionPool are:
      • MinSessions
        • This specifies the minimum number of sessions that are maintained by AIC. Any inactive sessions above this number will be closed and removed from the Session Pool.
        • Defaults to 0
      • MaxSessions
        • This specifies the maximum number of sessions that are allowed in the Session Pool used by AIC. Attempting to create more sessions than this will results in failure to obtain a Session until one is no longer in use.
        • Defaults to 150
        • If the value is increased above 150, the associated max_connections setting of the database itself will likely need updating as well.
      • IdleTime
        • The time, in seconds, that a Session must remained unused before it is removed from the Pool (provided the number of Sessions in the Pool is greater than MinSessions).
        • Defaults to 300, i.e. 5 minutes.
        • Note that an idle connection is one that can be re-used by another incoming connection request
    • e.g. 
    <SessionPool>
    <MinSessions>5</MinSessions>
    <MaxSessions>25</MaxSessions>
    <IdleTime>3600</IdleTime>
</SessionPool>

Security

The Security Element is used to control some aspects of the security for the AIC instance.
The settings that are required within Security are:

  • EncryptionKey
    • This specifies the 'encryption key' value used by this instance of AIC when encrypting the Provider API Keys.
    • The value can be set manually, however if it is empty a value will be generated by AIC during startup and stored in this setting.
    • Removing an existing EncryptionKey value will mean that AIC will generate a new value when next started.
      • Caution: Doing this will invalidate all Provider API Keys already stored in AIC. No warnings will be given.
    • Editing an existing EncryptionKey value is also possible
      • Caution: Doing this will invalidate all Provider API Keys already stored in AIC. No warnings will be given.
  • ServerSalt
    • This specifies the 'salt' value used by this instance of AIC when generating hashes for passwords and tokens.
    • The value can be set manually, however if it is empty a value will be generated by AIC during startup and stored in this setting.
    • Removing an existing ServerSalt value will mean that AIC will generate a new value when next started.
      • Caution: Doing this will invalidate all existing User passwords, active logins, and API Keys and reset the global admin User password back to the default. No warnings will be given.
    • Editing an existing ServerSalt value is also possible
      • Caution: Doing this will invalidate all existing User passwords, active logins, and API Keys and reset the global admin User password back to the default. No warnings will be given.
  • AccessTokenSecret
    • This specifies the 'secret' used by AIC to generate JWT Access Tokens, used for authentication with AIC.
    • The value can be set manually, however if it is empty a value will be generated by AIC during startup and stored in this setting.
    • Removing an existing AccessTokenSecret value will mean that AIC will generate a new value when next started.
      • Caution: Doing this will invalidate any existing active logins.
    • Editing an existing AccessTokenSecret value is also possible
      • Caution: Doing this will invalidate any existing active logins.
  • RefreshTokenSecret
    • This specifies the 'secret' used by AIC to generate JWT Refresh Tokens, used for authentication with AIC.
    • The value can be set manually, however if it is empty a value will be generated by AIC during startup and stored in this setting.
    • Removing an existing AccessTokenSecret value will mean that AIC will generate a new value when next started.
      • Caution: Doing this will invalidate any existing active logins.
    • Editing an existing AccessTokenSecret value is also possible
      • Caution: Doing this will invalidate any existing active logins.

If the Security Element is missing, AIC will automatically generate it when it is started and update the server.cfg file with the new Element. In this case, new values for the required settings above will be generated.
In cases where any/all of the required settings are missing, or empty, they will be generated automatically when AIC is started.
The Security Element that is generated will look like this: 

    <Security>
        <!-- Caution!!! Changing this value will invalidate any Provider API Keys already stored in AIC. -->
        <EncryptionKey>0lA$w0aY2EVAT^*Oy7O7UIGHTSB9ZWx6</EncryptionKey>
        <!-- Caution!!! Changing the following values will invalidate existing passwords and Keys. -->
        <ServerSalt>444e1439acfc92ca92bedba54d54e94f</ServerSalt>
        <AccessTokenSecret>oifl#Wua6#IG2zYDo!R-NBviYpYP3UHS</AccessTokenSecret>
        <RefreshTokenSecret>VmReuTPmm^j9QqbsVyT5o!IAexjI5F_%</RefreshTokenSecret>
    </Security>
Note that the above XML is an example. The exact values above should not be used.

Additionally, there are some settings that can be added to further customise the security configuration. If these settings are not present in the server.cfg file, the specified default value will be used by AIC.

  • SSL
    • These settings are used to configure how AIC deals with secure SSL communication.
    • Available settings within SSL are:
      • Enabled
        • A simple true/false flag to enable SLL communication or not. A value of 'true' enables it (the default) and false disables it.
        • When enabled AIC will run using the HTTPS protocol. When disabled (false) AIC will run using the HTTP protocol.
      • CertificateLocation
        • Specifies the location of the security certificate that AIC should use. The location is relative to the base directory of the AIC installation.
        • Defaults to 'ca-certificates'.
      • CertificateFile
        • Specifies the name of the certificate file AIC should use within the given CertificateLocation.
        • Defaults to 'localhost.crt'
      • PrivateKeyFile
        • Specifies the name of the file containing the private key that AIC should use. This file should be in the CertificateLocation directory.
        • Defaults to 'localhost.key'

An example Security Element with SSL communication disabled would like this: 

    <Security>
        <!-- Caution!!! Changing this value will invalidate any Provider API Keys already stored in AIC. -->
        <EncryptionKey><!-- Generated encryption key --></EncryptionKey>
        <!-- Caution!!! Changing the following values will invalidate existing passwords and Keys. -->
        <ServerSalt><!-- Generated Salt --></ServerSalt>
        <AccessTokenSecret><!-- Generated secret --></AccessTokenSecret>
        <RefreshTokenSecret><!-- Generated secret --></RefreshTokenSecret>
        <SSL>
            <Enabled>false</Enabled>
        </SSL>
    </Security>

Logging

AIC provides Logging to the server console, a log file and to a database table. Log entries include errors, warnings and informational messages. This setting allows the style of logging to be customised.
These settings are all optional, and will use the specified default value when not specified.

  • LogLevel
    • Specifies the severity of messages that should be logged.
    • Valid values are LL_ERROR, LL_WARNING1, LL_WARNING2, LL_INFO (the default)
    • The default value of LL_INFO means everything will be logged. To reduce this to only include errors and no warnings or informational messages, the value can be changed to LL_ERROR.
  • LogFile
    • Specifies the log file that AIC will write logged messages to. This value can be an absolute path, or a relative path. If a relative path is used, it will be relative to the base directory of the AIC application.
    • Note that the messages that appear on the console, and in the database are often different from those that appear in the log file.
    • The default value is `logs/aic.log
  • MaxLogFileSize
    • This specifies the maximum size, in bytes, of the log file. When the maximum size is exceeded, AIC will automatically back up the current file during the next startup, and create a new empty log file of the name specified in LogFile.

For example, the following Logging Element would set the log file for AIC: 

    <Logging>
        <LogFile>/home/KK/logs/AIC.log</LogFile>
    </Logging>

Updates

AIC has the ability to check for updates. It will do this upon startup, and when a 'POST' request is sent to the /version/checkforupdates end point.
AIC will never automatically download any updates. This is a manual step detailed in the AIC Administrators Guide.
The Updates settings are optional can be used to disable the update checks. If they are not specified, the given default values will be used.

  • PerformAutomaticUpdateChecks
    • This tells AIC that a check for updates should be performed automatically during startup (or not).
    • The default value is true, i.e. check for updates.
  • DisableAllUpdateChecks
    • This setting can be used to disable all update checks, i.e. the startup check and any checks performed when a 'POST' request is sent to the /version/checkforupdates end point.
    • The default value is false, i.e. update checks are allowed.

For example, the following Updates Element would disable update checks at startup, but allow manual update checks to be performed: 

    <Updates>
        <PerformAutomaticUpdateChecks>false</PerformAutomaticUpdateChecks>
    </Updates>

APIKey

The use of API Keys for providing access to LLM Providers is quite common. Some of those Providers do not accept a standard header type or prefix, such as 'Bearer'. AIC allows a custom header type (e.g. Authorization) and custom token prefix (e.g. Bearer) to be provided to help with supporting Providers that handle their API Key authorisation in a non-standard way.
The settings for this are:

  • HeaderName
    • The name of the HTTPS Header the Provider expects to contain the authorisation token
  • TokenPrefix
    • The prefix to automatically apply to the API Key for the given Provider.
    • Can be empty

For example, a request sent to an LLM Provider could use the prefix of 'AIToken' before the API Key in the request Authorization header. In such a case, support for this non-standard Authorization header could be added to AIC with the following APIKey Header Element:

    <APIKey>
        <Header>
            <HeaderName>Authorization</HeaderName>
            <TokenPrefix>AIToken</TokenPrefix>
        </Header>
    </APIKey>

CustomLLMFormats

In some cases an LLM may accept requests in an unexpected format.
AIC defaults to using an OpenAI request format, so provided the Provider/LLM being used accepts this format then communication will work without any intervention.
AIC also supports the format used by the 'Google' and 'Anthropic' Providers. It will automatically switch to these formats if the Provider URL is pointing to the expected location for those Providers.
In cases where the format is not passed correctly, the CustomLLMFormats element can be used to explicitly specify the format a Provider with the given domain/host will accept. Supported child elements are 'Google' and 'Anthropic' (OpenAI format is the default so specifying this is not required).
The child elements can appear multiple times and are written like this: <Google>https://myDomain.com</Google>.
For example: 

<CustomLLMFormats>
    <Google>https://ADomain.com</Google>
    <Anthropic>https://192.168.1.2</Anthropic>
</CustomLLMFormats>

Updated: 2025-05-21