Launcher

Windows launcher

When installing the Trust1Connector you will have a launcher executable. This executable takes care of a couple of things;

  • Starting the Trust1Connector

  • Stopping the Trust1Connector

  • Migration (makes sure file-exchange is kept between installation)

Below you can find an output of the flags and options that can be used;

most used variables to just managing the Connector are --stop --restart --env [env]. The other flags are used to customize the Connector

t1c-launch.exe
Trust1Connector launcher 3.8.6
Trust1Team <development@trust1team.com>
Launcher for the Trust1Connector

USAGE:
    t1c-launch [FLAGS] [OPTIONS] [ARGS]

FLAGS:
    -d, --debug             Enables Debug mode (additional endpoints ex. '/decrypt' available)
        --ds.reg            Enables the use of the Distribution service Registry (only in online mode) -
                            ds.server_address MUST be provided - there is no default DS
        --enable.curl       Enables the use of CURL for DS communication (enabling NTLM or SSPI on Windows). Fallback on
                            regular DS communication.
        --enable.jwt        Enables the use of JWT validation middleware on the API server. No use cases can be
                            performed without sending a valid JWT from the consumer request. The JWT must be issued by
                            the configured DS.
    -f                      Enables the use for the file logger.
        --fix.dns.rebind    When added, the API will verify the DNS on the local device, when failing: try to update
                            host file, asking user for admin permissions
        --fix.ssl.direct    When added, the API will check the validity of the SSL certificate on startup.
    -h, --help              Prints help information
        --http              Runs the API and Registry (if enabled) in HTTP mode (no mTLS)
        --migrate           Executes the migrate functionality which will cleanup the current installation
        --nofilex           Writes a marker file (nofilex.marker) to Program Files folder, denoting the inactivation of
                            the file exchange module in shared environment
    -q                      Overrides file log and uses a console subscriber instead (tokio-console) to view the tracing
                            logs in detail.
        --remove-launchd    Removes the launchd configuration from the system (Only on MacOS)
        --restart           Restart the Trust1Connector
        --silent            silent mode which will not hide the console window
        --skip-kill         Skips killing the processes upon start|restart|stop|migrate
    -z, --standalone        Disables Registry, runs only in standalone mode without support for multi-host sessions
        --stop              Stop the running instance
    -V, --version           Prints version information

OPTIONS:
        --api.bin_name <api.bin_name>                   Overwrite the default T1C api binary file.
    -p, --api.port <rnd:{10000-65535}>                  Sets the API port
        --api.server_address <localhost>                Sets the API URI.
        --cors <cors>
            Provide a base64 encode, comma-separated list of cors origins to be provided on startup. When using a
            Distribution Service, the CORS is overwritten by the DS configuration.
        --dialogs.timeout <60>
            Default timeout for dialogs (PIN, file chooser, dir chooser or other on Windows and OSX), override on API
            per use case possible
        --dns <t1c.t1t.io>
            Sets DNS for the T1C (recommended that the other server addresses are set on [localhost]).

        --ds.api.key <ds.api.key>
            Set the License key, by default using the packaged key. This is needed when operating with a DS for key
            exchange
        --ds.cycle <28800>
            Amount of second to sync with the Distribution Service (8 hours). Upon install, restart and init DS sync
            will be triggered.
        --ds.server_address <ds.t1t.io>
            Activated ONLINE mode using given Distribution Service Host. If not given, the T1C-API runs in OFFLINE mode

        --env <prod>
            Defines the environment where the Trust1Connector must run [possible values: dev, acc, prod]

        --grpc.port <rnd:{10000-65535}>                 Sets the GRPC port.
        --grpc.server_address <localhost>               Sets the GRPC URI.
    -A, --grpc.server_bin_name <t1c-sandbox-service>    The name of the binary executable for the Sandbox
        --launcher.bin_name <t1c-launch>
            Overwrite the default T1C Launcher binary file. By default for OSX: launchctl, WIN: t1c-launch.exe, LINUX:
            t1c-launch. This option only works for Windows and Linux OS as OSX is using by default launchctl.
        --log <log>
            Log filter, following tokio tracing crate syntax. For example: t1c_rust_api=info|warn|debug.

        --ntlm.proxy_address <ntlm.proxy_address>
            Sets the IP Address of the NTLM proxy server. Disabled by default

        --payload.size <2000>
            The amount in kilobyte of allowed body payload size. By default 2000 kilobyte: body payload of 2MB accepted.
            Maximum value: 50000 (50MB)
    -t, --reg.cycle <60>                                Amount of second to sync with the registry process
    -x, --reg.port <51883>                              Sets the Registry port (fixed per customer).
        --reg.server_address <localhost>                Sets the Registry URI.
    -C, --reg.server_bin_name <t1c-reg>                 The name of the binary executable for the Registry
        --root.api.path <root.api.path>                 Set the root folder for the api.
        --root.launcher.path <root.launcher.path>       Set the root folder for the launcher, by default uses user.path.
    -w, --root.reg.path <root.reg.path>                 Set the root folder for the registry.
    -r, --root.sandbox.path <root.sandbox.path>         Set the root folder for the sandbox.
    -U, --user.path <user.path>
            Set the folder for user files for the trust1team-launch. The device pem/cert, log files and file exchange
            mappings are directly available in this folder.
        --workers <2>
            Amount of HTTP workers for multi-threading. Mostly the number of logical CPUs in a system, by default is set
            to 2.

ARGS:
    <external.storage>              Enables the use of external storage for the file exchange module. This is only
                                    available on Windows and Mac OSX.
    <external.storage.overwrite>    Overwrites the generated files for each card reading.
    <external.storage.format>       Defines the card dump format (xml|json)
    <external.storage.poll>         Amount of seconds to poll for new card dumps.
    <external.storage.path>         Folder location where the file must be created (file contains the card
                                    information following the chosen format

Start the Trust1Connector

To start the trust1connector you can execute the following, be aware that the command option depends on which environment you have installed. Below you can find in comments which environment will be triggered.

When the start command is executed the Trust1Connector will first stop the running instances before starting.

Running the launcher as a different environment from which you have installed will not work

# production
t1c-launch.exe

# acceptance
t1c-launch.exe --env acc

# develop
t1c-launch.exe --env dev

Stop the Trust1Connector

Similar like starting the Trust1Connector you can manually stop this. This is done via the -s flag

Running the launcher as a different environment from which you have installed will not work

# production
t1c-launch.exe --stop

# acceptance
t1c-launch.exe --env acc --stop

# develop
t1c-launch.exe --env dev --stop

Migration

Migration is a function that will make sure that some data is retained between installation, such as the file-exchange configuration.

This function is automatically executed when uninstalling the Trust1Connector.

We do not advise to run this on your own as this can impact the running installation

If you need to run this you can do the following commmands, here again it depends on the environment option

# production
t1c-launch.exe --migrate

# acceptance
t1c-launch.exe --env acc --migrate

# develop
t1c-launch.exe --env dev --migrate

MacOS launcher

When installing the Trust1Connector you will have a launcher executable. This executable takes care of a couple of things;

  • Starting the Trust1Connector

  • Stopping the Trust1Connector

  • Migration (makes sure file-exchange is kept between installation)

MacOS launcher has the same functionality but works differently in the background. It will use launchd to start/run the Connector.

Below you can find an output of the flags and options that can be used;

most used variables to just managing the Connector are --stop --restart --env [env]. The other flags are used to customize the Connector

t1c-launch.exe
USAGE:
    t1c-launch [FLAGS] [OPTIONS]

FLAGS:
    -d, --debug             Enables Debug mode (additional endpoints ex. '/decrypt' available)
        --ds.reg            Enables the use of the Distribution service Registry (only in online mode) -
                            ds.server_address MUST be provided - there is no default DS
        --enable.curl       Enables the use of CURL for DS communication (enabling NTLM or SSPI on Windows). Fallback on
                            regular DS communication.
        --enable.jwt        Enables the use of JWT validation middleware on the API server. No use cases can be
                            performed without sending a valid JWT from the consumer request. The JWT must be issued by
                            the configured DS.
    -h, --help              Prints help information
        --migrate           Executes the migrate functionality which will cleanup the current installation
        --nofilex           Writes a marker file (nofilex.marker) to Program Files folder, denoting the inactivation of
                            the file exchange module in shared environment
        --remove-launchd    Removes the launchd configuration from the system (Only on MacOS)
        --restart           Restart the Trust1Connector
        --silent            silent mode which will not hide the console window
        --skip-kill         Skips killing the processes upon start|restart|stop|migrate
    -z, --standalone        Disables Registry, runs only in standalone mode without support for multi-host sessions
        --stop              Stop the running instance
    -V, --version           Prints version information

OPTIONS:
        --api.bin_name <api.bin_name>                   Overwrite the default T1C api binary file.
    -p, --api.port <rnd:{10000-65535}>                  Sets the API port
        --cors <cors>
            Provide a base64 encode, comma-separated list of cors origins to be provided on startup. When using a
            Distribution Service, the CORS is overwritten by the DS configuration.
        --dialogs.timeout <60>
            Default timeout for dialogs (PIN, file chooser, dir chooser or other on Windows and OSX), override on API
            per use case possible
        --ds.api.key <ds.api.key>
            Set the License key, by default using the packaged key. This is needed when operating with a DS for key
            exchange
        --ds.cycle <28800>
            Amount of second to sync with the Distribution Service (8 hours). Upon install, restart and init DS sync
            will be triggered.
        --ds.server_address <ds.t1t.io>
            Activated ONLINE mode using given Distribution Service Host. If not given, the T1C-API runs in OFFLINE mode

        --env <prod>
            Defines the environment where the Trust1Connector must run [possible values: dev, acc, prod]

    -g, --grpc.port <rnd:{10000-65535}>                 Sets the GRPC port.
    -A, --grpc.server_bin_name <t1c-sandbox-service>    The name of the binary executable for the Sandbox
        --launcher.bin_name <t1c-launch>
            Overwrite the default T1C Launcher binary file. By default for OSX: launchctl, WIN: t1c-launch.exe, LINUX:
            t1c-launch. This option only works for Windows and Linux OS as OSX is using by default launchctl.
        --ntlm.proxy_address <ntlm.proxy_address>
            Sets the IP Address of the NTLM proxy server. Disabled by default

        --payload.size <2000>
            The amount in kilobyte of allowed body payload size. By default 2000 kilobyte: body payload of 2MB accepted.
            Maximum value: 50000 (50MB)
    -t, --reg.cycle <60>                                Amount of second to sync with the registry process
    -x, --reg.port <51883>                              Sets the Registry port (fixed per customer).
    -C, --reg.server_bin_name <t1c-reg>                 The name of the binary executable for the Registry
        --root.api.path <root.api.path>                 Set the root folder for the api.
        --root.launcher.path <root.launcher.path>       Set the root folder for the launcher, by default uses user.path.
    -w, --root.reg.path <root.reg.path>                 Set the root folder for the registry.
    -r, --root.sandbox.path <root.sandbox.path>         Set the root folder for the sandbox.
    -U, --user.path <user.path>
            Set the folder for user files for the trust1team-launch. The device pem/cert, log files and file exchange
            mappings are directly available in this folder.
        --workers <2>
            Amount of HTTP workers for multi-threading. Mostly the number of logical CPUs in a system, by default is set
            to 2.

Start the Trust1Connector

To start the trust1connector you can execute the following, be aware that the command option depends on which environment you have installed. Below you can find in comments which environment will be triggered.

When the start command is executed the Trust1Connector will first stop the running instances before starting.

Running the launcher as a different environment from which you have installed will not work

# production
./t1c-launch

# acceptance
./t1c-launch --env acc

# develop
./t1c-launch --env dev

Stop the Trust1Connector

Similar like starting the Trust1Connector you can manually stop this. This is done via the -s flag

Running the launcher as a different environment from which you have installed will not work

# production
./t1c-launch --stop

# acceptance
./t1c-launch --env acc --stop

# develop
./t1c-launch --env dev --stop

Migration

Migration is a function that will make sure that some data is retained between installation, such as the file-exchange configuration.

This function is automatically executed when uninstalling the Trust1Connector.

We do not advise to run this on your own as this can impact the running installation

If you need to run this you can do the following commmands, here again it depends on the environment option

# production
./t1c-launch --migrate

# acceptance
./t1c-launch --env acc --migrate

# develop
./t1c-launch --env dev --migrate

Check if the Trust1Connector is running via launchd

If you want to check if the launchd API is running you can do the following;

# list the launchd instances and then grep the t1t
launchctl list | grep t1t

# The following should have a similar output, the 2nd number will be a different number when the Trust1Connector is not starting correctly
    64832	0	com.t1t.t1c.api

The output will have 3 parameters;

  1. PID of the running instance, will be 0 if not running

  2. Error code of the instance, will be 0 if none

  3. name of the launchd program

If you have an error code and the PID is 0, please contact support.

An error code can occur and will remain visible in the launchctl command. As long as the instance has a valid PID it means the Trust1Connector is running as expected.

That error code can indicate a crash from the past.

Last updated