Image Configuration

Configuring Docker Images via Environment Parameters

To customize the Simplifier Container (simplifierag/simplifier) there are following options provided:

Docker Environment Parameter	Default Value	Example Value	Description
DB		mysql	RDBM type for the main Simplifier database and the plugin databases. Supported values are “mysql” and “oracle”
MYSQL_HOST		simplifier-mysql.example.com	Hostname of the database server for the main Simplifier database
MYSQL_PORT	3306	3306	Port of Database Server for the main Simplifier database
MYSQL_USER		simplifier	Username of Database Connection Credentials for the main Simplifier database
MYSQL_PASSWORD		MyC0mPle!Pa$$word	Password of Database Connection Credentials for the main Simplifier database
MYSQL_DB		simplifier	Database Name for the main Simplifier Database, used as prefix for plugin databases
MONITORING_DBMS		mysql	Only mysql is supported as monitoring database
MONITORING_DB			Database Name for the monitoring database
MONITORING_DB_HOST			Hostname of the MySQL server for the monitoring database
MONITORING_DB_USER			Username for the monitoring database
MONITORING_DB_PASS			Password for the monitoring database
MONITORING_DB_PORT			Port for the monitoring database
MONITORING_DB_JDBC_URL			Alternativly to the single values, you can provide one complete jdbc URL to connect to the monitoring database
PLUGINLIST		jsonStore,keyValueStorePlugin	Comma Separated Lists of Plugins which should be started
VIRTUAL_HOST		mysimplifier.mycompany.de	DNS Name of Simplifier
JVM_PARAMETER		-Xmx16g -Xms2g -XX:MaxMetaspaceSize=512m -XX:+UseG1GC -XX:+UseStringDeduplication -XX:-UseGCOverheadLimit -Xss256m	JVM Settings for Simplifier service
CLUSTER_MEMBER_NAME		NODE_1	If set, cluster member name of simplifier server, else ignored
JMX_AGENT			true or false
FIREBASE_SETTINGS_PATH			file path to configure a custom Firebase account used for push notififications
ENV_STATISTICS_EVENT_WRITTEN_BUFFER_HOURS			Number of Hours that are used as a buffer for statistic aggregation.
FEATURE_SSBO_JS_DEBUGGING	false		true or false If set to true, experimental feature for debugging server side business objects is activated. Available since Release 8 EHP 2
FEATURE_LEGACY_OPCUA	false		true or false If set to true, legacy OPC UA connector is available in Connector overview. Available since Release 8 EHP 2
SYSADMIN	false		true or false If set to true, the sysadmin ipc channel is opened. Some admin tasks can then be started via CLI
DEBUG_CHROME_DEV_TOOLS_EXPOSED_HOST			If FEATURE_SSBO_JS_DEBUGGING is set to true: this must be set to the domain name used for debugging. In most cases this is the same value as VIRTUAL_HOST
DEBUG_CHROME_DEV_TOOLS_EXPOSED_PORT	2992		If FEATURE_SSBO_JS_DEBUGGING is set to true: The optional exposed port that will be used for generation the chrome dev-tools link.
DEBUG_CHROME_DEV_TOOLS_PORT	2992		If FEATURE_SSBO_JS_DEBUGGING is set to true: The port that is opened for the chrome dev-tools to connect to.
MONITORING_CLEANUP_CRON_EXPRESSION	“0 0 3 * * ? *”		Defines when the Cleanup job for the monitoring runs. Make sure you run it at least once per day!
AUDIT_LOG_CLEANUP_CRON_EXPRESSION	“0 0 4 * * ? *”		Defines when the Cleanup job for the logs runs. Make sure you run it at least once per day!

To customize the Workflow Runtime Container (simplifierag/workflow-runtime) there are following options provided:

Docker Environment Parameter	Default Value	Example Value	Description
DB_USER		simplifier	Username to access the Workflow Runtime Database
DB_PASS		simplifier	Password to access the Workflow Runtime Database
DB_DATABASE		simplifier_wf_rt	Name of the Workflow Runtime Database
DB_HOST		mysql	Hostname of the MySQL Database Server
DB_PORT	3306	3306	Portnumber of the MySQL Database Server
SIMPLIFIER_HOST		my-simplifier	Internal Container-Name of the Simplifier Server
SECOND_SEED		my-launchpad	Internal Container-Name of the Simplifier Launchpad Container
MODULE_HOST		my-workflow-runtime	Container Name of this workflow runtime container
JVM_PARAMETER		-Xmx1g	JVM Heap-Space for the Workflow Runtime – Default 1 GB
TZ		Europe/Berlin	Actual Time Zone to ensure the correct server time
ARCHIVE_ENABLED		true	Activate the Archive Jobs for Workflow Runtime Logs
ARCHIVE_INTERVAL	1 week	1 week	Period of time that defines how often should the archive Job run
ARCHIVE_TIME	2:00	2:00	Daytime when the Job should be executed
ARCHIVE_MAX_AGE_COMPLETED	6 months	6 months	Duration after a completed or terminated workflow instance will be archived automatically
SIMPLIFIER_LAUNCHPAD_BASE_URL		https://my-simplfiier.company.org	Full external access URL to Simplifier Inbox / Launchpad . Per Default this is the same as Simplifier Public URL
MAX_ACTIVITY_EXECUTION_COUNT	1000	1000	Available since Release 8 EHP 1 Maximum number of executions for the same activity per workflow instance (infinite loop circuit breaker)
DATABASE_MAX_CONNECTIONS	100	100	Available since Release 8 EHP 1 Maximum Database Connections. Increase this default value if Simplifier Support recommends it.
DATABASE_THREADS	20	20	Available since Release 8 EHP 1 Maximum Database Threads. Increase this default value if Simplifier Support recommends it.
DATABASE_QUEUE_SIZE	1000	1000	Available since Release 8 EHP 1 Maximum Size of Database Queue

The following plugins are contained in the simplifier docker image

Plugin Name	Description	Documentation
keyValueStorePlugin	No-SQL Database for storing Key Values	KeyValueStore
pdfPlugin	PDF Designer and Generator for Forms or Reports	PDFPlugin
wordGeneratorPlugin	Word Generator
captcha	Generates Captchas for Login Protection	captcha
contentRepoPlugin	Meta Repository for Files	contentRepo
jsonStore	NoSQL Database based on MapDB	jsonStore

Container Security

Verify Signed Simplifier Container Images

Since Simplifier Makers Choice 2508 official Simplifier Docker images are cryptographically signed using Cosign. This ensures the images you use are authentic and haven’t been modified.

Why Container Signing?

– Authenticity: Confirms the image originates from Simplifier AG

– Integrity: Guarantees the image was not altered after signing

– Transparency: Signatures are stored in a public transparency log

– Non-repudiation: Prevents forged or denied signatures

What Do You Need?

1) The Simplifier Public Key (simplifier.pub) — provided by Simplifier AG

2) The Cosign tool — via Docker (no installation) or locally installed

Important: Always verify the authenticity of the public key with Simplifier AG before first use.

Obtain the Public Key

– Contact Simplifier AG Support for the official simplifier.pub file

– Validate the key authenticity through official channels

Quick Verification (Docker — No Installation)

Use the official Cosign Docker image:

# Save the Simplifier public key to 'simplifier.pub'

# Verify the latest makers choice image
docker run --rm -v $(pwd):/workspace \
  gcr.io/projectsigstore/cosign:latest \
  verify --key /workspace/simplifier.pub --insecure-ignore-tlog \
  docker.io/simplifierag/simplifier:2508

Local Cosign Installation

If you have Cosign installed on your system:

cosign verify --key simplifier.pub --insecure-ignore-tlog docker.io/simplifierag/simplifier:2508

Detailed Steps

1) Save the Public Key in a file named simplifier.pub with the content provided by Simplifier AG:

-----BEGIN PUBLIC KEY-----
[Base64 encoded content]
-----END PUBLIC KEY-----

Install Cosign (Local)

Linux:

curl -O -L "https://github.com/sigstore/cosign/releases/latest/download/cosign-linux-amd64"
sudo mv cosign-linux-amd64 /usr/local/bin/cosign
sudo chmod +x /usr/local/bin/cosign

macOS:

brew install cosign

Windows:

Download from: Cosign GitHub Releases

Verification Output

Successful verification:

Verification for docker.io/itizzimo/simplifier:latest --
The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - The signatures were verified against the specified public key