updated documentation

Documentation/DocuBlocks/clusterPassword.md

@@ -6,8 +6,7 @@
 The password used for authorization of cluster-internal requests.
 This password will be used to authenticate all requests and responses in
 cluster-internal communication, i.e. requests exchanged between
-coordinators
+coordinators and individual database servers.
-and individual database servers.
 
 This option is used for cluster-internal requests only. Regular requests
 to
@@ -15,7 +14,6 @@ coordinators are authenticated normally using the data in the `_users`
 collection.
 
 If coordinators and database servers are run with authentication turned
-off,
+off, (e.g. by setting the *--server.authentication* option to *false*),
-(e.g. by setting the *--server.disable-authentication* option to *true*),
 the cluster-internal communication will also be unauthenticated.
 

Documentation/DocuBlocks/clusterUsername.md

@@ -6,16 +6,13 @@
 The username used for authorization of cluster-internal requests.
 This username will be used to authenticate all requests and responses in
 cluster-internal communication, i.e. requests exchanged between
-coordinators
+coordinators and individual database servers.
-and individual database servers.
 
 This option is used for cluster-internal requests only. Regular requests
-to
+to coordinators are authenticated normally using the data in the *_users*
-coordinators are authenticated normally using the data in the *_users*
 collection.
 
 If coordinators and database servers are run with authentication turned
-off,
+off, (e.g. by setting the *--server.authentication* option to *false*),
-(e.g. by setting the *--server.disable-authentication* option to *true*),
 the cluster-internal communication will also be unauthenticated.
 

Documentation/DocuBlocks/foxxQueues.md

@@ -1,14 +1,13 @@
 
 @startDocuBlock foxxQueues
 @brief enable or disable the Foxx queues feature
-`--server.foxx-queues flag`
+`--foxx.queues flag`
 
 If *true*, the Foxx queues will be available and jobs in the queues will
 be executed asynchronously.
 
 The default is *true*.
 When set to `false` the queue manager will be disabled and any jobs
-are prevented from being processed, which may reduce CPU load a great
+are prevented from being processed, which may reduce CPU load a bit.
-deal.
 @endDocuBlock
 

Documentation/DocuBlocks/foxxQueuesPollInterval.md

@@ -1,17 +1,15 @@
 
 @startDocuBlock foxxQueuesPollInterval
 @brief poll interval for Foxx queues
-`--server.foxx-queues-poll-interval value`
+`--foxx-queues-poll-interval value`
 
 The poll interval for the Foxx queues manager. The value is specified in
 seconds. Lower values will mean more immediate and more frequent Foxx
-queue
+queue job execution, but will make the queue thread wake up and query the
-job execution, but will make the queue thread wake up and query the
 queues more often. When set to a low value, the queue thread might cause
 CPU load.
 
 The default is *1* second. If Foxx queues are not used much, then this
-value
+value may be increased to make the queues thread wake up less.
-may be increased to make the queues thread wake up less.
 @endDocuBlock
 

Documentation/DocuBlocks/keep_alive_timeout.md

@@ -1,13 +1,12 @@
 
 @startDocuBlock keep_alive_timeout
 @brief timeout for HTTP keep-alive
-`--server.keep-alive-timeout`
+`--http.keep-alive-timeout`
 
 Allows to specify the timeout for HTTP keep-alive connections. The timeout
 value must be specified in seconds.
 Idle keep-alive connections will be closed by the server automatically
-when
+when the timeout is reached. A keep-alive-timeout value 0 will disable the keep
-the timeout is reached. A keep-alive-timeout value 0 will disable the keep
 alive feature entirely.
 @endDocuBlock
 

Documentation/DocuBlocks/serverAllowMethod.md

@@ -1,7 +1,7 @@
 
 
 @brief allow HTTP method override via custom headers?
-`--server.allow-method-override`
+`--http.allow-method-override`
 
 When this option is set to *true*, the HTTP request method will optionally
 be fetched from one of the following HTTP request headers if present in
@@ -15,8 +15,7 @@ If the option is set to *true* and any of these headers is set, the
 request method will be overridden by the value of the header. For example,
 this allows issuing an HTTP DELETE request which to the outside world will
 look like an HTTP GET request. This allows bypassing proxies and tools
-that
+that will only let certain request types pass.
-will only let certain request types pass.
 
 Setting this option to *true* may impose a security risk so it should only
 be used in controlled environments.

Documentation/DocuBlocks/serverAuthenticateSystemOnly.md

@@ -1,14 +1,14 @@
 
 @startDocuBlock serverAuthenticateSystemOnly
 @brief whether or not only requests to internal URLs need authentication
-`--server.authenticate-system-only boolean`
+`--server.authentication-system-only boolean`
 
 Controls whether incoming requests need authentication only if they are
 directed to the ArangoDB's internal APIs and features, located at
 */_api/*,
 */_admin/* etc.
 
-IF the flag is set to *true*, then HTTP authentication is only
+If the flag is set to *true*, then HTTP authentication is only
 required for requests going to URLs starting with */_*, but not for other
 URLs. The flag can thus be used to expose a user-made API without HTTP
 authentication to the outside world, but to prevent the outside world from
@@ -16,16 +16,15 @@ using the ArangoDB API and the admin interface without authentication.
 Note that checking the URL is performed after any database name prefix
 has been removed. That means when the actual URL called is
 */_db/_system/myapp/myaction*, the URL */myapp/myaction* will be used for
-*authenticate-system-only* check.
+*authentication-system-only* check.
 
-The default is *false*.
+The default is *true*.
 
-Note that authentication still needs to be enabled for the server
+Note that authentication still needs to be enabled for the server regularly 
-regularly
 in order for HTTP authentication to be forced for the ArangoDB API and the
 web interface.  Setting only this flag is not enough.
 
 You can control ArangoDB's general authentication feature with the
-*--server.disable-authentication* flag.
+*--server.authentication* flag.
 @endDocuBlock
 

Documentation/DocuBlocks/serverAuthenticationDisable.md

@@ -1,19 +1,17 @@
 
 
 @brief disable authentication for requests via UNIX domain sockets
-`--server.disable-authentication-unix-sockets value`
+`--server.authentication-unix-sockets value`
 
-Setting *value* to true will turn off authentication on the server side
+Setting *value* to false will turn off authentication on the server side
-for requests coming in via UNIX domain sockets. With this flag enabled,
+for requests coming in via UNIX domain sockets. With this setting,
 clients located on the same host as the ArangoDB server can use UNIX
-domain
+domain sockets to connect to the server without authentication.
-sockets to connect to the server without authentication.
 Requests coming in by other means (e.g. TCP/IP) are not affected by this
 option.
 
-The default value is *false*.
+The default value is *true*.
 
 **Note**: this option is only available on platforms that support UNIX
-domain
+domain sockets.
-sockets.
 

Documentation/DocuBlocks/serverBacklog.md

@@ -1,7 +1,7 @@
 
 
 @brief listen backlog size
-`--server.backlog-size`
+`--tcp.backlog-size`
 
 Allows to specify the size of the backlog for the *listen* system call
 The default value is 10. The maximum value is platform-dependent.

Documentation/DocuBlocks/serverDisableReplicationApplier.md

@@ -1,18 +1,17 @@
 
 
 @brief disable the replication applier on server startup
-`--server.disable-replication-applier flag`
+`--database.replication-applier flag`
 
-If *true* the server will start with the replication applier turned off,
+If *false* the server will start with the replication applier turned off,
 even if the replication applier is configured with the *autoStart* option.
 Using the command-line option will not change the value of the *autoStart*
 option in the applier configuration, but will suppress auto-starting the
 replication applier just once.
 
-If the option is not used, ArangoDB will read the applier configuration
+If the option is set to *true*, ArangoDB will read the applier configuration
-from
+from the file *REPLICATION-APPLIER-CONFIG* on startup, and use the value of the
-the file *REPLICATION-APPLIER-CONFIG* on startup, and use the value of the
 *autoStart* attribute from this file.
 
-The default is *false*.
+The default is *true*.
 

Documentation/DocuBlocks/serverHideProductHeader.md

@@ -1,7 +1,7 @@
 
 
 @brief hide the "Server: ArangoDB" header in HTTP responses
-`--server.hide-product-header`
+`--http.hide-product-header`
 
 If *true*, the server will exclude the HTTP header "Server: ArangoDB" in
 HTTP responses. If set to *false*, the server will send the header in

Documentation/DocuBlocks/serverKeyfile.md

@@ -1,10 +1,9 @@
 
 
 @brief keyfile containing server certificate
-`--server.keyfile filename`
+`--ssl.keyfile filename`
 
-If SSL encryption is used, this option must be used to specify the
+If SSL encryption is used, this option must be used to specify the filename 
-filename
 of the server private key. The file must be PEM formatted and contain both
 the certificate and the server's private key.
 
@@ -52,7 +51,6 @@ following commands should create a valid keyfile:
 For further information please check the manuals of the tools you use to
 create the certificate.
 
-**Note**: the \-\-server.keyfile option must be set if the server is
+**Note**: the \-\-ssl.keyfile option must be set if the server is
-started with
+started with at least one SSL endpoint.
-at least one SSL endpoint.
 

Documentation/DocuBlocks/serverReuseAddress.md

@@ -1,7 +1,7 @@
 
 
 @brief try to reuse address
-`--server.reuse-address`
+`--tcp.reuse-address`
 
 If this boolean option is set to *true* then the socket option
 SO_REUSEADDR is set on all server endpoints, which is the default.

Documentation/DocuBlocks/serverSSLCache.md

@@ -1,13 +1,12 @@
 
 
 @brief whether or not to use SSL session caching
-`--server.ssl-cache value`
+`--ssl.session-cache value`
 
 Set to true if SSL session caching should be used.
 
 *value* has a default value of *false* (i.e. no caching).
 
 **Note**: this option is only relevant if at least one SSL endpoint is
-used, and
+used, and only if the client supports sending the session id.
-only if the client supports sending the session id.
 

Documentation/DocuBlocks/serverSSLCipher.md

@@ -1,7 +1,7 @@
 
 
 @brief ssl cipher list to use
-`--server.ssl-cipher-list cipher-list`
+`--ssl.cipher-list cipher-list`
 
 This option can be used to restrict the server to certain SSL ciphers
 only,

Documentation/DocuBlocks/serverSSLOptions.md

@@ -1,7 +1,7 @@
 
 
 @brief ssl options to use
-`--server.ssl-options value`
+`--ssl-.options value`
 
 This option can be used to set various SSL-related options. Individual
 option values must be combined using bitwise OR.

Documentation/DocuBlocks/serverSSLProtocol.md

@@ -1,7 +1,7 @@
 
 
 @brief SSL protocol type to use
-`--server.ssl-protocolvalue`
+`--ssl.protocol value`
 
 Use this option to specify the default encryption protocol to be used.
 The following variants are available:
@@ -9,6 +9,7 @@ The following variants are available:
 - 2: SSLv23
 - 3: SSLv3
 - 4: TLSv1
+- 5: TLSv1.2 (recommended)
 
 The default *value* is 4 (i.e. TLSv1).
 

Documentation/DocuBlocks/server_authentication.md

@@ -1,12 +1,12 @@
 
 @startDocuBlock server_authentication
 @brief disable authentication for ALL client requests
-`--server.disable-authentication`
+`--server.authentication`
 
-Setting value to true will turn off authentication on the server side
+Setting this option to *false* will turn off authentication on the server side
 so all clients can execute any action without authorization and privilege
 checks.
 
-The default value is *false*.
+The default value is *true*.
 @endDocuBlock
 

Documentation/DocuBlocks/v8Contexts.md

@@ -1,7 +1,7 @@
 
 
 @brief number of V8 contexts for executing JavaScript actions
-`--server.v8-contexts number`
+`--javascript.v8-contexts number`
 
 Specifies the *number* of V8 contexts that are created for executing
 JavaScript code. More contexts allow execute more JavaScript actions in