Addons

Standard Mode

Updated: December 4, 2024

Before You Start

This page gives all the necessary steps to install the Retention Management addon with the Standard mode.

Prerequisites

You can use all the file storages supported by Nuxeo Platform.

Installation

This addon requires no specific installation steps. It can be installed like any other package with nuxeoctl command line or from the Update Center.

Configuration

Amazon S3

In Standard mode, there are 3 supported configurations with Amazon S3:

Store Records in the Same Bucket as Other Documents

This configuration consists on using the same S3 bucket for records and other documents.

In this case, you can use the Amazon S3 addon with the default configuration with the Retention addon.

This configuration does not allow using the Amazon S3 Object Lock feature.

This configuration is only compliant with the binary manager org.nuxeo.ecm.core.storage.sql.S3BinaryManager.

The following property is required in the nuxeo.conf configuration file:

nuxeo.core.binarymanager=org.nuxeo.ecm.core.storage.sql.S3BinaryManager

Store Records in a Dedicated S3 Bucket

It is possible to configure an additional S3 bucket dedicated to storing records. This can be configured using an XML contribution, or via the nuxeo.conf configuration file.

Configure via XML Contribution

Configure the standard S3 bucket as described in Amazon S3 Online Storage. Once complete, add an XML extension file to configure the bucket that will be used for records:

  • The file has to be added to $NUXEO_HOME/nxserver/config
  • The file name has to be ended with -config.xml
  • The file must contain the following component name:
<component name="records-s3-compliance">
  • The file must contain a blob manager contribution with the following parameters:
<extension target="org.nuxeo.ecm.core.blob.BlobManager" point="configuration">
    <blobprovider name="records">
      <class>org.nuxeo.ecm.blob.s3.S3BlobProvider</class>
      <property name="record">true</property>
  • The file must contain a blob dispatcher contribution as shown here:
<extension target="org.nuxeo.ecm.core.blob.DocumentBlobManager" point="configuration">
    <blobdispatcher>
      <class>org.nuxeo.ecm.core.blob.DefaultBlobDispatcher</class>
      <property name="records">records</property>
      <property name="default">default</property>
    </blobdispatcher>
</extension>

This configuration is only applicable when using the Retention addon with a dedicated S3 bucket for the records.

If you want to configure your instance with only 1 bucket, and NO object lock, please refer to the previous chapter.

Here is the complete XML extension file example:

<?xml version="1.0"?>
<component name="records-s3-compliance">

  <require>default-repository-config</require>

  <extension target="org.nuxeo.ecm.core.blob.BlobManager" point="configuration">
    <blobprovider name="records">
      <class>org.nuxeo.ecm.blob.s3.S3BlobProvider</class>
      <property name="record">true</property>
      <property name="awsid">${nuxeo.s3storage.awsid}</property>
      <property name="awssecret">${nuxeo.s3storage.awssecret}</property>
      <property name="awstoken">${nuxeo.s3storage.awstoken}</property>
      <property name="bucket">Your S3 bucket for records</property>
      <property name="region">${nuxeo.s3storage.region}</property>
      <property name="endpoint">${nuxeo.s3storage.endpoint}</property>
      <property name="pathstyleaccess">${nuxeo.s3storage.pathstyleaccess}</property>
      <property name="accelerateMode">${nuxeo.s3storage.accelerateMode}</property>
      <property name="bucket_prefix">Prefix for your S3 bucket for records</property>
      <!-- min file age, in second, to be removed from cache if the size max size is reached, default is 3600 -->
      <property name="cacheminage">60</property>
      <property name="cachesize">100MB</property>
      <property name="connection.max">50</property>
      <property name="connection.retry">3</property>
      <property name="connection.timeout">50000</property>
      <property name="socket.timeout">50000</property>
    </blobprovider>
  </extension>

  <extension target="org.nuxeo.ecm.core.blob.DocumentBlobManager" point="configuration">
    <blobdispatcher>
      <class>org.nuxeo.ecm.core.blob.DefaultBlobDispatcher</class>
      <property name="records">records</property>
      <property name="default">default</property>
    </blobdispatcher>
  </extension>
</component>
Configure via nuxeo.conf

Add the s3retention template to the nuxeo.templates property in the nuxeo.conf file:

nuxeo.templates=default,s3binaries,retention,s3retention

This will enable the s3-retention-config.xml config, which enables the following properties for nuxeo.conf:

  • nuxeo.retention.s3storage.bucket
    (required)
  • nuxeo.retention.s3storage.bucket_prefix
    (optional)
  • nuxeo.retention.s3storage.awsid
    (fallback to nuxeo.s3storage.awsid)
  • nuxeo.retention.s3storage.awssecret
    (fallback to nuxeo.s3storage.awssecret)
  • nuxeo.retention.s3storage.awstoken
    (fallback to nuxeo.s3storage.awstoken)
  • nuxeo.retention.s3storage.region
    (fallback to nuxeo.s3storage.region)
  • nuxeo.retention.core.blobstore.digestAsync
    (fallback to nuxeo.core.blobstore.digestAsync)
  • nuxeo.retention.s3storage.cacheminage
    (fallback to nuxeo.s3storage.cacheminage)
  • nuxeo.retention.s3storage.cachesize
    (fallback to nuxeo.s3storage.cachesize)
  • nuxeo.retention.s3storage.cachecount
    (fallback to nuxeo.s3storage.cachecount)
  • nuxeo.retention.s3storage.connection.max
    (fallback to nuxeo.s3storage.connection.max)
  • nuxeo.retention.s3storage.connection.retry
    (fallback to nuxeo.s3storage.connection.retry)
  • nuxeo.retention.s3storage.connection.timeout
    (fallback to nuxeo.s3storage.connection.timeout)
  • nuxeo.retention.s3storage.socket.timeout
    (fallback to nuxeo.s3storage.socket.timeout)
  • nuxeo.retention.s3storage.endpoint
    (fallback to nuxeo.s3storage.endpoint)
  • nuxeo.retention.s3storage.pathstyleaccess
    (fallback to nuxeo.s3storage.pathstyleaccess)
  • nuxeo.retention.s3storage.accelerateMode
    (fallback to nuxeo.s3storage.accelerateMode)

Store Records in a Dedicated S3 Bucket With S3 Object Lock In Governance Mode

Amazon S3 Object Lock prevents the deletion of content under retention until the retention period has expired. Nuxeo Retention, when configured to use Amazon S3 Object Lock, automatically provides the retention period (or legal hold) to Amazon S3.

Because Nuxeo Retention provides the ability to delete a document under retention, the addon in standard mode supports Amazon S3 Object Lock only in Governance mode.

To configure the Retention addon with a dedicated S3 bucket with Object lock, first follow the steps described in the previous section. Next configure the record bucket as follows:

  • Direct writes to the Amazon S3 storage system must be disabled; this is to ensure that all documents pass through Nuxeo Platform for compliant processing.

  • The Amazon S3 Object Lock feature must be enabled in Governance Mode on the record bucket.

  • Amazon S3 Versioning must be enabled; this is automatically done when enabling Object lock.

  • The default retention value for the record bucket must not be set (or, at least, set to zero).

  • No Min/Max range should be established for record bucket.

  • Amazon S3 Lifecycle Policies must not be configured for use within the Nuxeo Platform storage subsystem.